Appneta cpe40 deployment instructions
Article ID: 260255
Updated On:
Products
Issue/Introduction
KB article to be supplementary with what is on documentation portal:
Environment
Note these requirements before you begin the installation:
- Cisco Catalyst 9300/9400 switch running IOS XE software version 17.03.03 or higher
- Cisco DNA Advantage license installed on the switch
- Front-panel data port configured to support application hosting
- Cisco-certified USB 3.0 SSD drive installed into the back panel
- Minimum resources available for the CMP - 1850 cpu units, 500 MB memory.
- Experience with Cisco IOx CLI
- Turn off Application Signature validation on switch (Requires GUI Access)
You also need to know:
- APM server name (APM_SERVER_NAME) and the site-key (APM_SITE_KEY) where the CMP will connect.
- CPE40 hostname (APM_CPE40_HOSTNAME)
- (Optional) IP address, netmask, default gateway and name server(s) to be assigned to the CMP’s guest-interface if the static addressing is required.
- (Optional) VLAN ID if you want the CMP to connect to a specific VLAN network.
Resolution
Installation Steps:
1. Enable Application Hosting Framework - Enable to IOx services and verify they are running:
2. Disable Application Signature Validation
A. Enable ip http server on switch and access from web URL
B. Access Cisco IOx Local Manager from Configuration > Services > IOx
C. Click on System Setting to Disable Application Signature Validation:
3. Download and Copy CMP Image
1. Download Appneta cpe image - https://mp-images.pm.appneta.com/appneta-cpe-current.tar
2. Download checksum of image, to be used to verify image after copying to switch - https://mp-images.pm.appneta.com/appneta-cpe-current.tar.sha512sum
3. Copy the tar file to flash: file system on the switch using any of the file transfer methods such as scp, ftp, USB key etc. This example shows the scp method:
#scp pathview-cmp-13.3.0.51728.tar <USER>@<CAT9K>:/pathview-cmp-13.3.0.51728.tar
4. Login to switch and verify copied files:
c9300-lab#dir flash: | include pathview-cmp278582 -rw- 290775552 Jun 4 2021 20:27:32 +00:00 pathview-cmp-13.3.0.51728.tar
5. Verify the sha512 checksum using the checksum computed in pathview-cmp-13.3.0.51728.tar.sha512sum:
c9300-lab#verify /sha512 flash:pathview-cmp-13.3.0.51728.tar...........................................................................<snip>........................................Done!verify /sha512 (flash:pathview-cmp-13.3.0.51728.tar) = b2b635907bc08d9763c3abd9e4976f614ba7a9a0a96ffdca0eeadaa7a388917d55f9615fd9f3ce513561bde2e6b342a89ab23406f20a02dcc6b139492283da22
4. Install CMP Application
1. Install the image that is just downloaded. In this example, cat9k_cmp is the name of the CMP application being installed:
c9300-lab#$app-hosting install appid cat9k_cmp package flash:pathview-cmp-13.3.0.51728.tarInstalling package 'flash:pathview-cmp-13.3.0.51728.tar' for 'cat9k_cmp'. Use 'show app-hosting list' for progress.
Note: this is going to be fixed name “appneta_cpe40”.
2. Verify the installation:
c9300-lab#show app-hosting listApp id State---------------------------------------------------------cat9k_cmp DEPLOYED
5. Configuring Application Hosting
1. Verify the configuration on the front panel data port. In this example, the data port GigabitEthernet1/0/1 is configured as a trunk port with a set of VLANs allowed on the trunk.
c9300-lab#show run | section GigabitEthernet1/0/1interface GigabitEthernet1/0/1 switchport trunk allowed vlan 120,122,124,128,150,152 switchport mode trunk
2. Verify the configuration on the internal data port. In this example, AppGigabitEthernet1/0/1 is configured to connect the applications to the data port GigabitEthernet1/0/1 (Must be a trunk port or you will not be able to assign IP Address!):
c9300-lab#show run | section AppGigabitEthernet1/0/1interface AppGigabitEthernet1/0/1 switchport trunk native vlan 120 switchport trunk allowed vlan 120,122,124,128,150,152 switchport mode trunk
3. Connect the application port to physical port.
Option 1 - (DHCP) - Application-hosting VLAN-specific mode, example for application connected to VLAN 150
c9300-lab#conf tc9300-lab(config)#app-hosting appid cat9k_cmpc9300-lab(config-app-hosting)#app-vnic AppGigabitEthernet trunkc9300-lab(config-config-app-hosting-trunk)#vlan 150 guest-interface 0c9300-lab(config-config-app-hosting-vlan-access-ip)#exitc9300-lab(config-config-app-hosting-trunk)#exitc9300-lab(config-app-hosting)#exit
Option 2 - (STATIC IP) - Application-hosting VLAN-specific mode, example for application connected to VLAN 150
c9300-lab(config)#app-hosting appid cat9k_cmpc9300-lab(config-app-hosting)#app-vnic AppGigabitEthernet trunkc9300-lab(config-config-app-hosting-trunk)#vlan 150 guest-interface 0c9300-lab(config-config-app-hosting-vlan-access-ip)#guest-ipaddress 10.10.20.101 netmask 255.255.255.0c9300-lab(config-config-app-hosting-vlan-access-ip)#exitc9300-lab(config-config-app-hosting-trunk)#exitc9300-lab(config-app-hosting)#app-default-gateway 10.10.20.254 guest-interface 0c9300-lab(config-app-hosting)#name-server0 8.8.8.8c9300-lab(config-app-hosting)#exit
4. Configure resources and docker runtime configuration. Make sure to replace <APM_SERVER_NAME> and <APM_SERVER_KEY> with the actual values. (See following KB if you are having trouble finding these values: https://knowledge.broadcom.com/external/article?articleId=240444)
c9300-lab(config)#app-hosting appid cat9k_cmpc9300-lab(config-app-hosting)#app-resource dockerc9300-lab(config-app-hosting-docker)#run-opts 1 --restart=unless-stoppedc9300-lab(config-app-hosting-docker)#run-opts 2 "-e 'APPNETA_SERVER_ADDRESS=<APM_SERVER_NAME>' -e 'APPNETA_SERVER_KEY=<APM_SERVER_KEY>'"c9300-lab(config-app-hosting-docker)#run-opts 3 "-p 3236:3236/udp -p 3237:3237/udp -p 3238:3238/udp -p 3239:3239/udp -p 3236:3236/tcp -p 3237:3237/tcp -p 3238:3238/tcp -p 3239:3239/tcp -p 1720:1720/udp -p 5060:5060/udp"c9300-lab(config-app-hosting-docker)#run-opts 4 --hostname=<APM_CPE40_HOSTNAME>c9300-lab(config-app-hosting-docker)#exitc9300-lab(config-app-hosting)#app-resource profile customc9300-lab(config-app-resource-profile-custom)#cpu 1850c9300-lab(config-app-resource-profile-custom)#memory 500c9300-lab(config-app-resource-profile-custom)#exitc9300-lab(config-app-hosting)#exitc9300-lab(config)#exit
6. Activating the Application
1. Run the below command to Activate the Application:
c9300-lab#app-hosting activate appid cat9k_cmpcat9k_cmp activated successfully Current state is: ACTIVATED
7. Start the Application
1. Start the Application
c9300-lab#app-hosting start appid cat9k_cmpcat9k_cmp started successfully Current state is: RUNNING
8. Verify the Installation
1. Verify that the application is running:
c9300-lab#show app-hosting listApp id State---------------------------------------------------------cat9k_cmp RUNNING
2. Verify that it is connected to the APM server from the "Manage Monitoring Points" page on the Appneta Sever
3. License should auto assign from pool if available.
9. IMPORTANT! - Saving the Configuration
1. Save the running configuration to NVRAM. Note that the copy command will overwrite the existing startup configuration.
c9300-lab#copy running-config startup-config
10. ** Optional: Upgrading the Application (Strongly Encouraged):
1. Download the new CMP Image to flash (See Section 3. Download and Copy CMP Image)
2. Upgrade the application. In this example, the 13.3.0.51758 image is downloaded using the previous step.
c9300-lab#app-hosting upgrade appid cat9k_cmp package flash:pathview-cmp-13.3.0.51758.tar
11. ** Optional: Web Proxy Support
1. To support connection to the CMP via web proxy, add the following run-opt option during installation time:
c9300-lab(config)#app-hosting appid cat9k_cmpc9300-lab(config-app-hosting)#app-resource dockerc9300-lab(config-app-hosting-docker)#run-opts 5 "-e 'HTTPS_PROXY=<PROXY_URL>'"
**Note Syntax** (user:password@ is optional): PROXY_URL=https://USER:PASSWORD@SERVER:PORT
Feedback
