Whether you use a large virtual machine or a powerful hardware server, running labs with many nodes or labs with resource-hungry nodes in Cisco Modeling Labs (CML) can require a lot of memory/RAM and CPU. But this can be particularly problematic on a multi-user system—until now.
Cisco Modeling Labs offers a new feature called resource limiting, now available in CML 2.5 for Enterprise and Higher Education. Read on to learn more about resource limiting, how to set up resource limits in CML 2.5, and what you need to know as you configure the new feature on your CML server or cluster.
What is resource limiting in CML 2.5?
Resource limiting is one of the new features of the CML 2.5 release. The main idea here is to limit the resources that can be used by an individual user or group of users using an administrative policy configured on the CML server or cluster. Because this feature only makes sense within a multi-user system, resource limiting is only available in CML Enterprise and CML for Higher Education. Obviously, there is no reason for a user to restrict themselves.
Resources in a CML deployment, defined
Before the introduction of resource limiting, a user could acquire all resources in a CML deployment. And, as a result, other users were unable to launch their labs and nodes.
For context, resources in a CML deployment refer to:
- CPU cores
- Node licenses
- External connectors
The first three elements of this list are actually resources with limited availability. External connectors, however, may be restricted from a policy perspective. Even though external connectors are almost free in terms of memory and CPU cost, it makes sense to restrict their use for different users/groups.
How to configure CML resource limits
By default, there are no resource limits. An administrator can place resource limits by creating resource pools, which are then assigned to a user or group of users.
Create and assign resource pools
You can manage resource pools by navigating to Tools → System Administration → Resource Pools.
From there, you can create and assign pools. The system differentiates between a template and an actual pool, which is always based on a template and has a user or multiple users connected to it.
When assigning a template to a group of users, all users of this group fall into one of these two categories:
- They will be assigned an individual pool cloned from the selected template.
- They will share the same pool cloned from the selected template.
A shared pool switch controls this assignment, as the following screenshot shows:
When adding CML users to the resource pool (via Next button step on Add workflow), the administrator can choose which users (or groups of users) to assign to the pool, as shown in the following screenshot:
Create and define your template(s).
Resource pools are always based on a template. This also means that, at a minimum, you must first configure an underlying template (a base template). Templates allow us to automatically associate a new resource pool with a new user, whether they are created manually by an administrator or when they are created based on a new lightweight directory access protocol (LDAP) user login.
Templates also allow you to quickly change a setting for all pools inherited from a template. In addition, you can override the values for individual pools. That is, the values in the individual pool take precedence over the values specified in the individual pool template.
When a pool has multiple users assigned, all users share the resources configured in this pool.
Cisco Modeling Labs Training Videos
Available on the Cisco Learning Network. Watch now.
Restrict access to external connectors
External connectors provide connection to the outside. In shared environments with additional network interface cards (NICs), which connect to different outside networks, you may want to control which users or groups have access to which outside networks. You can also achieve this by using resource limiting.
A resource pool can specify which external network configuration is allowed or denied. As shown in the following screen shot, the administrator can give users of this resource pool one of two options:
- They cannot use any external connectors (see: Block all).
- They can decide which specific external connector configuration to use by selecting the appropriate one
If there is no specific external connector limit, users with this policy can select all existing external connectors.
How to check resource usage
The administrator, as well as individual users, can check the resource limit status. For administrators, the general state of the system is displayed. (For example, all existing resource pools, including their current usage.) Resource limit usage is available via Tools → Resource limits menu entry, as the following graphic shows:
Here, the administrator can see that there are two pools and the node licenses are used in the named pool Max50. In addition, the CPU and Memory usage of that pool also appears. However, since usage is not limited, the bar will appear in gray. The external connector and user columns show the external connectors used by the pool and the users assigned to the pool, respectively.
As for users, their view appears in the following graphic (also via Tools → Resource limits):
Node licenses are limited, 6 out of 50 or 12% are used, and 13 CPU cores and 6.5GB of memory are used. Both CPUs and RAM are unlimited, indicated by the infinity symbol on the gauge.
NOTE: Resource limiting does not check oversubscription. In other words: If the CML system has, for example, 32 CPUs, and the administrator puts a 64 CPU limit on a pool, the system cannot limit it. It’s up to the administrator to put reasonable limits in place!
Consequently, if no limit is placed, the resources are obviously not infinite.
Highlights and benefits of CML 2.5 resource limitations
The new resource limiting feature of Cisco Modeling Labs 2.5 provides a granular way to ensure fair consumption of resources in a distributed system. In addition, it allows for better policy control and is also a useful way to quickly determine resource usage by users or groups of users through the Resource Limits status page.
I hope you found this overview of resource limiting useful. What to do you think about this new feature update? Please share your thoughts with me in the comments. Thanks for reading!
Read next: Get started with Terraform and learn how to control virtual network infrastructure with Cisco Modeling Labs. Read it now.
Join the Cisco Learning Network now for free.
Follow Cisco Learning & Certifications
Twitter | Facebook | LinkedIn | Instagram
Use #CiscoCert to join the conversation.