The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
There are two options for accessing the CPS vDRA Management CLI.
Perform the following steps to access the CPS vDRA Management CLI:
Access is available to the CPS vDRA via SSH listening on port 2024 of the master virtual machine. This port must be open in the OpenStack security rules in order to access the Management CLI via SSH.
The cluster master node is started and bootstraps the Docker engine, an embedded Docker registry, the Weave overlay network, and the CPS vDRA scheduling application.
The worker nodes are started either after the master node is started or in parallel. The bootstrapping of the Docker engine and Weave overlay network point back to the master node.
The scheduling function on the master node begins an auto discovery function on engine startup of the Docker engines that have joined the Weave overlay network.
master – This is always the master scheduling node.
control-a[b] – This is a control node that works in concert with the other control node and the master node to provide OAM support for the application.
diameter-endpoint – This is the node where all diameter traffic terminals.
binding-worker – This is the node where binding/slf queries are executed.
The vDRA Binding and SLF application supports the following roles:
master – This is always the master scheduling node.
control-a[b] – control node that works in concert with the other control nodes and the master node to provide OAM support for the application.
persistence-router – node where binding/slf queries are routed.
persistence-db – nodes where the binding database replica sets are located.
infrastructure – These are core modules that are not shutdown when the application shuts down.
application – These are modules that are removed when the application is shutdown.
External – These are external services that are installed on the system and whose images are built and loaded outside of the system. See the scheduling external-service command for more information on configuring external services.
The modules of type “application” can be shut down in a controlled manner by running the system stop command. This command will unload all modules in reverse run-level order and stop the associated running Docker services.
The modules of type “application” can be started in a controlled manner by running the system start command. This command will start all modules in run-level order and schedule the underlying Docker services on the registered Docker engines.
The modules of type “external” can be shut down in a controlled manner by running the system disable-external-services command. This command will unload all modules in reverse run-level order and stop the associated running Docker services.
The modules of type “external” can be shut down in a controlled manner by running the system enable-external-services command. This command will unload all modules in reverse run-level order and stop the associated running Docker services.
Perform the following steps to restart an individual docker service:
CPS system supports LDAP external authentication and authorization.
Based on Conf-D group configurations, CPS roles are assigned to the applications running on CPS cluster.
The following command configures the gid mapping for various roles.
admin@orchestrator(config)# external-aaa pam gid-mapping 1000 policy-admin admin@orchestrator(config-gid-mapping-1000/policy-admin)# commit Commit complete
You can also view the status of configuration with the following command:
admin@orchestrator# show running-config external-aaa | tab
Sample Output:
admin@orchestrator# show running-config external-aaa | tab GID GROUP -------------------- 1000 policy-admin
The following table describes the CPS roles and Conf-D groups of applications/services:
Application/Service |
CPS Role |
Conf-D Groups |
---|---|---|
Control center |
SUMADMIN |
crd-read-write |
Control center |
READONLY |
crd-read-only |
Policy Builder |
READ&WRITE |
policy-admin |
Policy Builder |
READ |
* |
SVN |
READ&WRITE |
policy-admin |
SVN |
READ |
* |
Grafana |
Admin |
grafana-admin |
Grafana |
Editor |
grafana-editor |
Grafana |
Viewer |
* |
* Indicates all authenticated users
Bulkstats conf-D group: sftp daemon running on port 2026 retrieves all statistics within the /var/broadhop/stats directory. Users associated to the “bulkstats” or “admin” group are able to retrieve statistics.
Oper conf-D group is not used.
When a new ISO is provided with software, you need to perform the following steps to upgrade the current system software:
Perform the following steps to upgrade to a new software version:
If an in-progress upgrade needs to be aborted, run the system abort-upgrade command. This will immediately stop all scheduling activities. Reverting to the previous versions is triggered by the downgrade to a previous software version procedure.
Perform the following steps to downgrade to a pervious software version:
If an in-progress downgrade needs to be aborted, run the system abort-downgrade command. This will immediately stop all scheduling activities. Reverting to the previous versions is triggered by the upgrading to a new software version procedure.