The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
Installing Cisco XNC
Step 1 | In a web browser, navigate to Cisco.com. | ||
Step 2 | Under Support, click All Downloads. | ||
Step 3 | In the center pane, click Cloud and Systems Management. | ||
Step 4 | If prompted, enter your Cisco.com username and password to log in. | ||
Step 5 | In the right pane, click Network Controllers and Applications, and then click Cisco Extensible Network Controller (XNC). | ||
Step 6 | Download the Cisco XNC application bundle and any additional applications that you have purchased. | ||
Step 7 | Create a directory
in your Linux machine where you plan to install
Cisco XNC.
For example, in your Home directory, create CiscoXNC. | ||
Step 8 | Copy the Cisco XNC zip file into the directory that you created. | ||
Step 9 | Unzip the
Cisco XNC zip file.
The Cisco XNC software is installed in a directory called xnc. The directory contains the following:
|
Cisco provides an upgrade script to upgrade a Cisco XNC 1.0 installation to Cisco XNC 1.5. The upgrade process replaces all of the version 1.0 product files.
A backup archive is created during the process that can be used to restore the original installation, if required.
Running the upgrade script upgrades the installation and configuration. However, any changes you made to the shell scripts or configuration files, for example,runxnc.sh and config.ini, will be overwritten. Once you have completed the upgrade process, you must manually reapply your changes to those files.
To upgrade Cisco XNC 1.0 to Cisco XNC 1.5 follow the steps below:
Step 1 | In a web browser, navigate to Cisco.com. | ||||||||||||||
Step 2 | Under Support, click All Downloads. | ||||||||||||||
Step 3 | In the center pane, click Cloud and Systems Management. | ||||||||||||||
Step 4 | In the right pane, click Network Controllers and Applications, and then click Cisco Extensible Network Controller (XNC). | ||||||||||||||
Step 5 | Download the version 1.5 Cisco XNC application bundle and any additional applications that you currently have installed. | ||||||||||||||
Step 6 | Create a
temporary directory in your Linux machine where you plan to upgrade
Cisco XNC.
For example, in your Home directory, create CiscoXNC_Upgrade. | ||||||||||||||
Step 7 | Extract the Cisco XNC 1.5 zip file into the temporary directory that you created. | ||||||||||||||
Step 8 | Navigate to the xnc directory that was created when you installed the Cisco XNC version 1.0 software. | ||||||||||||||
Step 9 | Stop all running Cisco XNC 1.0 processes. | ||||||||||||||
Step 10 | Backup the Cisco XNC 1.0 installation using your standard backup procedures. | ||||||||||||||
Step 11 | Navigate to the xnc/bin directory in the temporary directory that you created for the 1.5 upgrade software. | ||||||||||||||
Step 12 | Run the upgrade
script using the following syntax:
./upgrade [--upgrade |
--rollback] <xnc_directory_to_be_upgraded>
You can use one of the following options:
| ||||||||||||||
Step 13 | After the script has successfully completed, navigate to the xnc directory where you originally installed Cisco XNC. | ||||||||||||||
Step 14 | Start the Cisco XNC processes that you previously stopped. | ||||||||||||||
Step 15 | Run the password recovery script to reset the admin password. See Running the Password Recovery Script. | ||||||||||||||
Step 16 | Log in to
Cisco XNC as the admin user, and reset the passwords for all users.
For more information, see the Users and Roles section of the Cisco Extensible Network Controller Configuration Guide. | ||||||||||||||
Step 17 | If there are any upgrade-related issues, perform the following tasks: |
You must purchase additional Cisco XNC applications and download the .zip files from Cisco.com. We recommend backing up your configuration before installing new applications.
Step 1 | Open a command window where you installed Cisco XNC. |
Step 2 | Navigate to the xnc directory that was created when you installed the software. |
Step 3 | Run the following
script:
./runxnc.sh
-status
The controller outputs the following, which indicates that the controller is running the java process with PID 21680: Controller with PID:21680 -- Running! |
Connect the switches to the controller. For more information, see the appropriate configuration guide.
Enabling the Transport Layer Security (TLS) connections between Cisco XNC and OpenFlow or onePK switches requires TLS KeyStore and TLS TrustStore files.
Both the TLS KeyStore and TLS TrustStore files are password protected.
If you choose to use TLS connections in your Cisco XNC implementation, all of the connections in the network must be TLS encrypted, and you must run Cisco XNC with TLS enabled. After you provide both the TLS KeyStore and TLS TrustStore files, you can run the TLS KeyStore password configuration script to provide the passwords for Cisco XNC to unlock the KeyStore files.
Step 1 | Provide the following files: | ||
Step 2 | Run the
following command:
cat xnc-privkey.pem
xnc-cert.pem > xnc.pem
The xnc.pem file is created with the private key and certificate. | ||
Step 3 | Run the following command: openssl pkcs12 -export -out xnc.p12 -in xnc.pem | ||
Step 4 | Enter a password
at the prompt.
The xnc.pem file is converted to a password-protected .p12 file. | ||
Step 5 | Run the following command: keytool -importkeystore -srckeystore xnc.p12 -srcstoretype pkcs12 -destkeystore tlsKeyStore -deststoretype jks | ||
Step 6 | Enter a password
at the prompt.
The xnc.p12 is converted to a password-protected Java KeyStore file. |
Step 1 | Create a file called sw-cacert.pem to contain the CA certificate for the switch. |
Step 2 | Run the following command: keytool -import -alias swca1 -file sw-cacert.pem -keystore tlsTrustStore |
Step 3 | Enter a password
at the prompt.
The sw-cacert.pem file is converted into a password-protected Java TrustStore file. |
Step 4 | If the switches in your network use more than one CA certificate, repeat Step 1 through Step 3 for each CA certificate that is used. |
The configkeystorepwd.sh script allows you to input the TLS KeyStore passwords so that the KeyStore files can be unlocked and used by Cisco XNC.
Ensure that the cURL program is installed.
Step 1 | Ensure Cisco XNC is running with TLS enabled. |
Step 2 | Open a command window where you installed Cisco XNC. |
Step 3 | Navigate to the xnc directory that was created when you installed the software. |
Step 4 | Run the following command: ./configkeystorepwd.sh |
Step 5 | At the prompt, enter the following information: |
You can log into the Cisco XNC GUI using HTTP or HTTPS:
Configuring Cisco XNC
Cisco XNC supports high availability clustering in active/active mode with up to five controllers. To use high availability clustering with Cisco XNC, you must edit the config.ini file for each instance of Cisco XNC.
Step 1 | Ensure that Cisco XNC is not running on any of the instances in the cluster. |
Step 2 | Open a command window on one of the instances in the cluster. |
Step 3 | Navigate to the xnc/configuration directory that was created when you installed the software. |
Step 4 | Use any text editor to open the config.ini file. |
Step 5 | Locate the
following text:
# HA Clustering configuration (colon-separated IP addresses of all controllers that are part of the cluster.) # supernodes=<ip1>:<ip2>:<ip3>:<ipn> |
Step 6 | Remove the
comments on the # supernodes line, and replace
<ip1>:<ip2><ip3>:<ipn> with the IP addresses for each
instance of
Cisco XNC in the
cluster. You can enter from two to five IP addresses.
Example: # HA Clustering configuration (colon-separated IP addresses of all controllers that are part of the cluster.) supernodes=<10.1.1.1>:<10.2.1.1>:<10.3.1.1>:<10.4.1.1>:<10.5.1.1> |
Step 7 | Save the file and exit the editor. |
Step 8 | Repeat Step 3 through Step 7 for each instance of Cisco XNC in the cluster. |
Step 9 | Restart Cisco XNC. |
You can password protect your HA clusters with the xncjgroups.xml file. This file must be exactly the same for each instance of Cisco XNC.
Step 1 | Ensure that Cisco XNC is not running on any of the instances in the cluster. |
Step 2 | Open a command window on one of the instances in the cluster. |
Step 3 | Navigate to the xnc/configuration directory that was created when you installed the software. |
Step 4 | Use any text editor to open the xncjgroups.xml file. |
Step 5 | Locate the
following text:
<!-- <AUTH auth_class="org.jgroups.auth.MD5Token" auth_value="ciscoXNC" token_hash="MD5"></AUTH> --> |
Step 6 | Remove the
comments from the AUTH line.
Example: <AUTH auth_class="org.jgroups.auth.MD5Token" auth_value="ciscoXNC" token_hash="MD5"></AUTH> |
Step 7 | (Optional)Change the password in the auth_value attribute. By default, the cluster is protected with the password "ciscoXNC". You can change this password to whatever value you want, provided you make the same change on all machines in the cluster. |
Step 8 | Save the file and exit the editor. |
Step 9 | Repeat Step 4 through Step 8 for each instance of Cisco XNC in the cluster. |
Step 10 | Restart Cisco XNC. |
The following configuration settings can improve scalability when connecting to Cisco Nexus 3000 Series switches.
Step 1 | Navigate to the xnc/configuration directory that was created when you installed the software. | |||||||||||||||||||||||||||
Step 2 | Use any text editor to open the config.ini file. | |||||||||||||||||||||||||||
Step 3 | Update the
following parameters:
| |||||||||||||||||||||||||||
Step 4 | Save the file and exit the editor. | |||||||||||||||||||||||||||
Step 5 | Restart Cisco XNC. |
Step 1 | Open a command window where you installed Cisco XNC. |
Step 2 | Navigate to the xnc directory that was created when you installed the software. |
Step 3 | Run the following command: python backup.py |
Step 4 | At the prompt,
perform one of the following tasks:
|
Step 5 | If you are restoring a configuration, stop and restart Cisco XNC for the configuration to take effect. |