First Published: October 31, 2022

This document provides information about Cisco Crosswork Infrastructure 4.4.x, including product overview, supported components, new functionalities, compatibility information, usage guidelines, and known issues and limitations.

Overview

Cisco Crosswork Infrastructure is a microservices-based platform and is the foundation required for running Crosswork applications. It employs a cluster architecture to be extensible, scalable, and highly available.


Note

Henceforth, Cisco Crosswork Infrastructure is referred to as "Cisco Crosswork" in this document.

For installation, configuration and administration procedures, refer the following documents:

Components

Cisco Crosswork supports Cisco Crosswork Network Controller solution and its contents:

Product

Version

Description

Cisco Crosswork Network Controller

4.1.0

An integrated solution that enables proactive management of end-to-end networks, and provides intent-based and closed-loop automation solutions to ensure faster innovation, optimal user experience, and operational excellence. It provides a unified user interface for device and service inventory, topology visualization, and service provisioning.

Cisco Crosswork Network Controller solution is bundled as Essentials or Advantage packages. See the next table for more information.

Cisco Crosswork Network Controller Packaging

Cisco Crosswork Network Controller solution is distributed as two packages.

Table 1. Cisco Crosswork Network Controller Packages

Package

 Contents

Description

 Version

Cisco Crosswork Network Controller Essentials

Cisco Crosswork Optimization Engine

An application that provides closed-loop tracking of the network state and real-time network optimization in response to changes in network state, allowing operators to effectively maximize network capacity utilization, as well as increase service velocity.

4.1.0

Cisco Crosswork Active Topology

A component of Crosswork Network Controller that enables visualization of topology and services on logical and geographical maps.

4.1.0

Cisco Crosswork Network Controller Advantage

Cisco Crosswork Optimization Engine

An application that provides closed-loop tracking of the network state and real-time network optimization in response to changes in network state, allowing operators to effectively maximize network capacity utilization, as well as increase service velocity.

4.1.0

Cisco Crosswork Active Topology

A component of Crosswork Network Controller that enables visualization of topology and services on logical and geographical maps.

4.1.0

Cisco Crosswork Service Health

An component of Cisco Crosswork Network Controller that overlays a service level view of the environment and makes it easier for operators to monitor if services (for example, L2/L3 VPN) are healthy based on the rules established by the operator.

4.1.0

Cisco Crosswork Health Insights

An application that performs real-time Key Performance Indicator (KPI) monitoring, alerting, and troubleshooting. Cisco Crosswork Health Insights enables programmable monitoring and analytics, and builds dynamic detection and analytics modules that allow operators to monitor and alert on network events based on user-defined logic.

4.4.0

Cisco Crosswork Change Automation

An application that automates the process of deploying changes to the network. Orchestration is defined via an embedded Ansible Playbook and then configuration changes are pushed to Cisco Network Services Orchestrator (NSO) to be deployed to the network.

4.4.0

Cisco Crosswork Zero Touch Provisioning

A component of Cisco Crosswork Network Controller that streamlines onboarding and provisioning of Day 0 configuration resulting in faster deployment IOS-XR and IOS-XE devices at a lower operating cost.

4.1.0

Cisco Element Management System (EMS) Services

A library of functions that provides deep inventory collection, alarm management and image management using Inventory, Fault, and Software Image Management (SWIM) functions.

4.1.0

What's New

The table below lists the primary new features and functionality introduced in Cisco Crosswork Infrastructure 4.4.x.


Note

Starting with the Cisco Crosswork 4.4 release, Crosswork deployment is no longer supported for the Cisco CSP platform. For more information, see End-of-Life Announcement for the Cisco Cloud Services Platform Operating System.

Table 2. New Features and Functionality in Cisco Crosswork Infrastructure 4.4.x

Feature

What's New

Core Infrastructure

  • Support provided for upgrading Cisco Crosswork to version 4.4.

  • Support provided for FQDN Syslog collection.

  • Event & Alarm Framework Collection support provided for Applications.

  • Support provided to rebalance an over-utilized VM node by reallocating the resources between the existing VM nodes in the cluster or a recently added worker node.

  • Support provided for making a data only backup for Cisco Crosswork.

  • Support provided for long-term data retention.

  • Support provided for integration with Cisco NSO Layered Service Architecture (LSA) deployment, including the provision to edit the policy details of the NSO provider.

  • Support provided for deploying Cisco Crosswork on Amazon Web Services Elastic Cloud Compute (AWS EC2) platform.

    Note

     

    Crosswork deployment in AWS EC2 is a limited release. Kindly contact the Cisco Product Management team for assistance.

Cisco Element Management System (EMS) Services

To enable service-driven workflow for packet networks, Cisco Element Management System (EMS) services are bundled with the Crosswork Network Controller Advantage pack. The EMS functions include inventory, fault, and Software Image Management (SWIM).

  • Inventory service integrates deep inventory collection with Cisco Crosswork’s Device Lifecycle Management (DLM). It enriches the existing device onboarding workflow to gather more insights about the device. Built-in device packages enable deep inventory collection when the user attaches a device to the Crosswork Data Gateway. The collection is persisted in the database and monitored using the Inventory APIs.

  • Fault service is associated with alarm management. It provides API support for subscription, request, retrieval, and auto-clearing of alarms for Topology Visualization services. Monitored using the Fault APIs, the fault service improves the existing topology views by showing the alarm status for devices and links.

  • SWIM is integrated with Crosswork Change Automation and managed with SWIM APIs. It allows operators to view, import, and delete software images, as well as push software images to the devices in the network. SWIM improves compliance, accelerates upgrades, and improves the network engineer experience.

AAA/RBAC

  • Support provided for LDAP Active Directory and secure LDAP.

  • Support provided for additional TACACS configuration options.

  • Support provided for additional x509 authentication methods.

  • Priority given to external authentication servers over local database authentication.

  • Ability to view and terminate active user sessions.

  • Provided audit log to capture all AAA operations.

  • Support provided to configure the local password policy from Crosswork UI.

  • Ability for users to view an audit log of their actions (including logout operation) on Crosswork UI.

  • Added notifications to alert user when the maximum number of parallel sessions are exceeded.

  • Ability to configure the idle timeout value used to automatically log off all idle users.

For more information, see the Manage System Access and Security chapter in the Cisco Crosswork Infrastructure 4.4 and Applications Administration Guide.

Compatibility Information

The following table lists the software versions that have been tested and are known to be compatible with Cisco Crosswork. For complete installation requirements, see the Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide.

Software Supported Version

Cisco Operating System

Note

 

This is an application-level compatibility.

  • Cisco IOS XR: 6.5.3, 6.6.3, 7.1.2, 7.2.1, 7.3.1, 7.3.2, 7.4.1, 7.5.2, 7.7.1

  • Cisco IOS XE: 17.4.1, 17.5.1, 17.6.1, 17.7.1, 17.8.1

  • Cisco NX-OS: 9.2.1, 9.3.1, 10.2(3)

Hypervisor and vCenter

  • VMware vSphere 6.7 or above.

  • VMware vCenter Server 7.0 and ESXi 7.0.

  • VMware vCenter Server 6.7 (Update 3g or later) and ESXi 6.7 (Update 1 or later).

Browsers

  • Google Chrome—92 or later

  • Mozilla Firefox—70 or later

Cisco Crosswork Data Gateway (Cisco CDG)

4.1.0

Cisco Network Services Orchestrator (Cisco NSO)

  • 5.7.6 or higher 5.7.x version

Cisco Network Element Driver (NED)

  • Cisco IOS XR:

    • CLI: 7.40.1

    • NETCONF: 7.3.2, 7.315, 7.4.2, 7.5.2, 7.6, 7.7.1

  • Cisco IOS:

    • CLI: 6.77.9

Note

 

Additional function packs may be required based on the applications and features being used. See the Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide for details.

Cisco Segment Routing Path Computation Element (SR-PCE)

Cisco IOS XR 7.7.1

Important Notes

  • It is recommended to deploy Cisco Crosswork on a highly available cluster (vSphere HA) with shared storage.

  • Managed devices, VM host and the VMs should use the same NTP source to avoid time synchronization issues.

  • Confirm that the DNS and NTP servers are properly configured and reachable on the network the Crosswork cluster will be using.

  • Use Terminal Access-Control System Plus (TACACS+), Lightweight Directory Access Protocol (LDAP) or Role-Based Access Control (RBAC) for auditing purposes.

  • During configuration, note the Cisco Crosswork UI and CLI user names and passwords. Due to added security, the only way to recover the administrator password is to re-install the software.

  • In situations where it is expected to work with SR-PCE (for L3 topology discovery), we recommend the use of dual SR-PCEs.

  • Use CSV files to quickly import and onboard device, credential, and provider information.

Known Issues and Limitations

Table 3. Known Issues and Limitations

Issue/Limitation

Context within Cisco Crosswork

Crosswork cluster uses the following IP ranges for internal communications. This cannot be changed. As a result, these subnets cannot be used for devices or other purposes within your network.

You are recommended to isolate your Crosswork cluster to ensure all the communications stay within the cluster. Please also ensure that address spaces do not overlap for any of the external integration points (e.g. connections to devices, connections to external servers that Crosswork is sending data to, connections to the NSO server, etc.).

Note

 

This is applicable for cluster installation and for adding a static route.

IPv4:

  • 172.17.0.0/16: Docker Subnet (Infrastructure)

  • 169.254.0.0/16: Link local address block

  • 127.0.0.0/8: Loopback addresses

  • 192.88.99.0/24: Reserved, previously used for relay servers to do IPv6 over IPv4

  • 240.0.0.0/4: Reserved for future use (previously class E block)

  • 224.0.0.0/4: MCAST-TEST-NET

  • 0.0.0.0/8: Current network, valid as source address only

IPv6:

  • 2001:db8:1::/64: Docker Subnet (Infrastructure)

  • fdfb:85ef:26ff::/48: Pod Subnet (Infrastructure)

  • fd08:2eef:c2ee::/110: Service Subnet (Infrastructure)

  • fe80::/10: Link local

  • ::1/128: Loopback addresses

  • ff00::/8: IPv6 Multicast

  • 2002::/16: Reserved, previously used for relay servers to do IPv6 over IPv4

  • 2001:0000::/32: Terredo tunnel and relay

  • 2001:20::/28: Used by ORCHID and not IPv6 routable

  • 100::/64: Discard prefix, used in specific use-cases not applicable to Crosswork Zero Touch Provisioning

  • ::/128: Unspecified address, cannot be assigned to hosts

  • ::ffff:0:0/96: IPv4 mapped addresses

  • ::ffff:0:0:0/96: IPv4 translated addresses

Installation

  • The number of nodes installed in Cisco Crosswork 4.4 must be equal or more than the number of nodes in earlier version of Cisco Crosswork.

  • Third-party device configuration in Device Management and Cisco NSO is not migrated and needs to be re-applied on the new version post migration.

  • Custom user roles (Read-Write/Read) created in earlier version of Cisco Crosswork are not migrated and need to be recreated manually on the new Cisco Crosswork version post migration.

  • Any user roles with administrative privileges in the earlier version of Cisco Crosswork must be assigned new permissions after the upgrade to continue being administrative users. 

  • Crosswork Health Insights KPI alert history is not preserved as part of the migration. The system will need to be given some time to establish a new baseline for some KPIs. This may result in false alarms until the new base line is established.

For more information, see the Upgrade Cisco Crosswork chapter in Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide.

Upgrade

  • Sometimes, NETCONF reachability times out for IOS XE devices. To recover, try increasing the NETCONF reachability timer to a higher timeout value (for example, 120 seconds).

  • While retrieving device inventory via API from Cisco Crosswork, use page size of 200.

  • In case of Cisco NSO Layered Service Architecture (LSA), the migration of devices between Resource Facing Service (RFS) nodes is not supported. If you try to move the devices between RFS nodes, it creates a duplicate device entry in Cisco NSO. See the Onboard and Manage Devices chapter in Cisco Crosswork Infrastructure 4.4 and Applications Administration Guide for details and instructions on removing duplicates.

  • Although the integration between Cisco NSO and Device Lifecycle Management (DLM) is automated, manual action is needed after a Cisco NSO recovery when the device admin status must go through DOWN/UP states. In this case, you must manually listen to NSO notifications that notify degradation within NSO and retry the action while NSO is up.

Device Management

  • Each time the job list (located on the left side) is refreshed in the the Collection Jobs window, the corresponding job details pane (located on the right side) must be manually refreshed.

  • A user session will not be terminated when you close the tab or the browser. The only way to remove a user session is to either log out from Crosswork or terminate the session from the User window (Administration > User and Roles > Active Sessions).

UI

  • Alarms, faults, errors, or any status indications for Cisco Crosswork Data Gateway will not be reflected on the VM node or its operational state.

  • Alerting service can become unresponsive during stress testing. Alerts related to Crosswork applications may not be generated during this time. If this happens, Cisco Crosswork will recover the alerting by automatically restarting the service.

  • If the node containing the Cisco Crosswork orchestrator is restarted, it might take up to 10 minutes before the health of the cluster can be viewed.

Alerts

  • PCE is required for L3 link topology mapping.

  • Enable traps on routers to receive L2 link down and up status changes quickly. Otherwise, it may take one SNMP poll cadence (default is 5 minutes) to see the L2 link status change.

Topology

  • Cisco Crosswork will not allow you to power off two hybrid nodes at the same time. If a system loses a hybrid node due to any faults, it must be replaced as soon as possible.

High Availability

  • If you restart microservices for a Crosswork application, the microservice may appear removed upon restart, but the application will continue to show a healthy status.

Crosswork Manager

  • Fault service does not generate the SWT_SWITCH_DOWN alarm when a device becomes unreachable.

  • Localization of the ospfIfStateChange, ospfIfConfigError, ospfIfAuthFailure, ospfIfRxBadPacket, and ospfTxRetransmit alarms happens to loopback() from day 1.

Cisco Element Management System (EMS) Services

  • In rare cases, after the successful registration, the License Authorization Status in the Smart Licensing page is not changed and will continue to display as being in EVALUATION mode. As a consequence, the evaluation timer will be started and incorrect messages will be displayed to the user. As a workaround, please de-register and register the product again.

Smart Licensing

Product Documentation

The following documents are provided for Cisco Crosswork Infrastructure 4.4.x. For links to related documentation that you might find useful, see Additional Related Docuentation.

Table 4. Cisco Crosswork Infrastructure 4.4.x Documentation

Documentation Title

What is included

Cisco Crosswork Infrastructure 4.4.0 Release Notes

This document

Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide

Shared installation guide for all the Cisco Crosswork applications and their common infrastructure. Covers:

  • System requirements

  • Installation prerequisites

  • Installation instructions

  • Upgrade instructions

Cisco Crosswork Infrastructure 4.4 and Applications Administration Guide

Shared administration guide for all the Cisco Crosswork applications and their common infrastructure. Covers:

  • Managing clusters and data gateway

  • Data collection

  • High availability

  • Backup and restore

  • Onboard and manage devices

  • Zero touch provisioning

  • Set up maps

  • Managing users, access and security

  • Maintain system health

Open Source Software used in Cisco Crosswork Infrastructure 4.4

Lists of licenses and notices for open source software used in Cisco Crosswork Infrastructure.

Open Source Software used in Cisco EMS Services 4.1

Lists of licenses and notices for open source software used in Cisco EMS Services.

API Documentation

Advanced users can extend Cisco Crosswork product functions by using the product APIs. API documentation is available on Cisco DevNet.

Additional Related Documentation

This section provides links to documentation for products related to Cisco Crosswork Infrastructure:

You can access documentation for all Cisco Crosswork products at Cisco Crosswork Network Automation Documentation.

Demos

If you are interested in seeing a demo of the Crosswork features and functions, please contact your Cisco account team, and they can arrange demos by leveraging our demo cloud resources.

Bugs

If you encounter problems while working with Cisco Crosswork, check this list of open bugs. Each bug ID in the list links to a more detailed descritption and workaround. You can use the Cisco Bug Search Tool to search for bugs.

  1. Go to the Cisco Bug Search Tool.

  2. Enter your registered Cisco.com username and password, and click Log In.

    The Bug Search page opens.


    Note

    If you do not have a Cisco.com username and password, you can register here.

  3. To search for all Cisco Crosswork bugs, from the Product list select Cloud and Systems Management > Routing and Switching Management > Cisco Crosswork Network Automation and enter additional criteria (such as bug ID, problem description, a feature, or a product name) in the Search For field. Examples: "Optimization Engine" or "CSCwc62479"

  4. When the search results are displayed, use the filter tools to narrow the results. You can filter the bugs by status, severity, and so on.


Note

To export the results to a spreadsheet, click Export Results to Excel.

Accessibility Features

All product documents are accessible except for images, graphics and some charts. If you would like to receive the product documentation in audio format, braille, or large print, contact the Cisco Accessiblity Team on the Web or send email to accessibility@cisco.com .

If any product document could not be converted to the accessible formats, please contact the Cisco Customer Experience team.

Support and Downloads

The Cisco Support and Downloads website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.

Access to most tools on the Cisco Support and Downloads website requires a Cisco.com user ID and password.

For more information:

https://www.cisco.com/c/en/us/support/index.html

Obtain Additional Information and Submit a Service Request

Information about Cisco products, services, technologies, and networking solutions is available from various online sources.