The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following topics:
This guide explains the requirements and processes to install or upgrade Crosswork Network Controller solution.
This document does not cover the installation of integrated components (such as Cisco NSO or Cisco SR-PCE) that may already be installed or can be used independently. For more details about these components, please refer to their respective installation documentation.
This guide is for experienced network users and operators who want to install Crosswork Network Controller solution in their network. This guide assumes that you are familiar with the following:
Using a Docker container
Running scripts in Python
Deploying an OVA file using VMware vCenter
Deploying an OVA file using VMware OVF tool
Amazon Web Services (AWS), Amazon EC2 concepts, and creation of CloudFormation templates
Kernel-based Virtual Machine (KVM) functionalities and network configuration
Cisco Crosswork Network Controller is a transport SDN controller that empowers customers to simplify and automate intent-based network service provisioning, health monitoring, and optimization in a multi-vendor network environment with a common GUI and API. Crosswork Network Controller simplifies operational workflows by consolidating both the service lifecycle and device management functions in a single integrated solution.
For more information on the Crosswork Network Controller solution components and packages, please refer to the Release Notes for Crosswork Network Controller, Release 7.2.0.
Cisco Crosswork Infrastructure is a resilient and scalable platform on which all Crosswork components can be deployed. The infrastructure is based on a cluster architecture to ensure extensibility, scalability, and high availability. It supports deployment in VMware, AWS EC2, and KVM environments. Crosswork Network Controller can be deployed as a single VM with all core functions available, but at a limited scale. For larger systems, it can be deployed as a cluster of VMs, with or without geo redundancy, for customers who require an even greater level of resiliency. See Determine how many VMs you need for details on the resources and capabilities of the various deployment options.
A single VM deployment operates supported functions on one machine, offering limited redundancy.
For more information on the various deployment options, please refer to Plan Your Deployment.
Cisco Crosswork integrates with Data Gateways to collect information from managed devices and forward it to Crosswork Network Controller, with optional forwarding to external destinations. The applications analyze this information for various use cases, including topology visualization, service health monitoring, element management, and optimizing network performance. The utilization of forwarded data by third-party applications is beyond the scope of this guide.
Forwarding data to external destinations requires an additional license. For information on licensing requirements and external data destinations, see the Crosswork Data Gateway setup, management, and troubleshooting chapter in the Cisco Crosswork Network Controller 7.2 Administration Guide.
The number of Data Gateways deployed in your network depends on factors such as the number of devices, the volume of data being collected, the overall topology, and your redundancy requirements. Each Data Gateway is deployed on an individual VM. For guidance on your deployment to best meet your needs, please consult with the Cisco Customer Experience team.
Crosswork Data Gateway is an integral part of the Crosswork solution being deployed, and it does not require a separate license. Therefore, this document explains the Data Gateway as a foundational component that must be installed in tandem with the Crosswork Infrastructure.
For single VM deployments, Data Gateway functions are available through Embedded Collectors. These collectors are included in the Crosswork Network Controller single VM package, so there is no need to install a separate Embedded Collectors package.
Cisco Crosswork Network Service Orchestrator (NSO) functions as the provider for Crosswork Network Controller to configure the devices according to their expected functions, including optionally configuring MDT sensor paths for data collection. NSO provides the important functions of device management, configuration and maintenance services.
For single VM deployments with the Crosswork Network Controller Advantage tier, NSO functions are provided by the Embedded NSO component, which is included in the Advantage package. No separate installation is needed.
Cisco Segment Routing Path Computation Element (SR-PCE) is configured to run on either a physical or virtual device that runs IOS-XR. The SR-PCE supports both Segment Routing Traffic Engineering (SR-TE) and Resource Reservation Protocol Traffic Engineering (RSVP-TE). Crosswork Network Controller uses the combination of telemetry and data collected from the Cisco SR-PCE to analyze and compute optimal paths for TE tunnels and/or to discover devices in the network.
TACACS+, LDAP, and RADIUS servers (see Set Up User Authentication in Cisco Crosswork Network Controller 7.2 Administration Guide for more information).
DHCP server (when using Crosswork ZTP).
External Kafka (for external data collection destinations).
External gRPC (for external data collection destinations).
Storage server that supports SCP for storage of backups.
Cisco takes great strides to ensure that all our products conform to the latest industry recommendations. We firmly believe that security is an end-to-end commitment and are here to help secure your entire environment. Please work with your Cisco account team to review the security profile of your network.
For details on how we validate our products, see Cisco Secure Products and Solutions and Cisco Security Advisories.
If you have questions or concerns regarding the security of any Cisco products, please open a case with the Cisco Customer Experience team and include details about the tool being used and any vulnerabilities it reports.
Feedback