First Published: April 19, 2024

This document provides information about Cisco Crosswork Network Controller 4.1.4, including patch release versions for Cisco Crosswork products and their associated defects, and the patch installation workflow.

Patch Release Versions for Cisco Crosswork Products

The patch files (.tar.gz) are available on the Cisco Software Download page.

Table 1. Patch Releases

Cisco Crosswork Component

New Releases with Fix

Defect ID

Crosswork Infrastructure

4.4.4

CSCwf94916

CSCwi13177

CSCwj35878

CSCwi64836

CSCwf33728

CSCwh65271

CSCwi64836

CSCwi42980

CSCwj02265

CSCwj45213

CSCwj38341

CSCwi26233

Crosswork Service Health

4.1.4

CSCwi64836

Crosswork Change Automation

4.4.4

CSCwi42980

CSCwj45213

Crosswork Optimization Engine

4.1.4

CSCwi42980

Crosswork Active Topology

4.1.4

CSCwi42980

Crosswork Health Insights

4.4.4

CSCwi42980

CSCwj45213

Zero Touch Provisioning (ZTP)

4.1.4

CSCwj43127

CSCwi64836

CSCwj19369

CSCwi42980

CSCwj19369

Patch Installation Workflow

This section explains how to install patch files from the Cisco Crosswork UI.


Note

For this release, the uninstall function is not supported for installed applications.

Before you begin

Before you begin, ensure that you have:

  • Crosswork Infrastructure script and Crosswork patch image files downloaded from Cisco Software Download to your local machine.

  • Cisco Crosswork Administrator user credentials.

  • Management IP address used for your Crosswork VM deployment.

  • Backed up your data.

The upgrade process is disruptive and should be performed during a maintenance window. The time required for the applications to restart is typically less than 30 minutes. If you encounter any error while installing the patch, contact the Cisco Customer Experience team before attempting to move forward with the next step.


Important

Depending on the existing Crosswork version you are upgrading from, the installation sequence can change. Download the patch files and follow the relevant installation sequence for your Crosswork version.

Table 2. Upgrading from Crosswork 4.1.3 version

Upgrading from Crosswork 4.1.3 version

Patch Installation Sequence:

  1. Crosswork Infrastructure: signed-cw-na-infra-patch-4.4.4-15-release-240329.tar.gz

  2. Crosswork Optimization Engine: signed-cw-na-coe-patch-4.1.4-5-release-240321.tar.gz

  3. Crosswork Active Topology: signed-cw-na-cat-patch-4.1.4-4-release-240321.tar.gz

  4. Element Management System: signed-cw-na-common-ems-services-patch-4.1.4-22-releaseems414-240325.tar.gz
Table 3. Upgrading from Crosswork 4.1.0 version

Upgrading from Crosswork 4.1.0 version

Patch Installation Sequence:

  1. Crosswork Infrastructure: signed-cw-na-infra-patch-4.4.4-15-release-240329.tar.gz

  2. Crosswork Optimization Engine: signed-cw-na-coe-patch-4.1.4-5-release-240321.tar.gz

  3. Crosswork Active Topology: signed-cw-na-cat-patch-4.1.4-4-release-240321.tar.gz

  4. Element Management System: signed-cw-na-common-ems-services-patch-4.1.4-22-releaseems414-240325.tar.gz

  5. (Optional) Crosswork Service Health: signed-cw-na-aa-patch-4.1.4-2-releasesh410-240308.tar.gz

  6. (Optional) Crosswork Change Automation: signed-cw-na-ca-patch-4.4.4-3-release-240322.tar.gz

  7. (Optional) Crosswork Health Insights: signed-cw-na-hi-patch-4.4.4-3-release-240322.tar.gz

  8. (Optional) Crosswork Zero Touch Provisioning: signed-cw-na-ztp-patch-4.1.4-4-releaseztp410-240321.tar.gz

If any of the above Crosswork applications are not part of the patch release, ensure to install the last updated version for those Crosswork applications. For more information, see the Related Software section in the Cisco Software Download.

Procedure

Step 1

Extract and validate the patch files: After downloading the patch files, extract and validate them.

To extract the signed image package, run the following command: 

tar -xzvf <signed image file>

The signed image package contains the patch file (.tar.gz) and relevant certificates.

To validate the extracted patch file, run the following command:

python3 cisco_x509_verify_release.py3 -e <.cer file> -i <.tar.gz file> -s <.tar.gz.signature file>
-v dgst -sha512

Example:

After downloading the Crosswork Infrastructure signed patch image (signed-cw-na-infra-patch-4.4.4-15-release-240329.tar.gz), it is extracted and the signature is verified. 

cd <folder where tar was download>
tar -xzvf signed-cw-na-infra-patch-4.4.4-15-release-240329.tar.gz

README
cw-na-infra-patch-4.4.4-15-release-240329.tar.gz
cw-na-infra-patch-4.4.4-15-release-240329.tar.gz.signature
CW-CCO_RELEASE.cer
cisco_x509_verify_release.py3
python3 cisco_x509_verify_release.py3 -e CW-CCO_RELEASE.cer -i cw-na-infra-patch-4.4.4-15-release-240329.tar.gz -s cw-na-infra-patch-4.4.4-15-release-240329.tar.gz.tar.gz.signature  -v dgst -sha512
Retrieving CA certificate from http://www.cisco.com/security/pki/certs/crcam2.cer ...
Successfully retrieved and verified crcam2.cer.
Retrieving SubCA certificate from http://www.cisco.com/security/pki/certs/innerspace.cer ...
Successfully retrieved and verified innerspace.cer.
Successfully verified root, subca and end-entity certificate chain.
Successfully fetched a public key from CW-CCO_RELEASE.cer.
Successfully verified the signature of cw-na-infra-patch-4.4.4-15-release-240329.tar.gz using CW-CCO_RELEASE.cer

Step 2

Add and install the patch files in the Crosswork UI:

  1. Click on Administration > Crosswork Management, and select the Application Management tab. The Crosswork Platform Infrastructure and any applications that are added are displayed here as tiles.

  2. Click on the Add File (.tar.gz) option to add the patch file (for example, cw-na-infra-patch-4.4.4-15-release-240329.tar.gz) that you extracted. The Add File (tar.gz) via Secure Copy popup window is displayed.

  3. Enter the relevant information and click Add. Once the file is added, you can observe the existing application tile displaying an upgrade prompt. Click the upgrade prompt to install the patch file.

    In the Upgrade pop-up screen, select the new version that you want to upgrade to, and click Upgrade. Click on Job History to see the progress of the upgrade operation.

  4. After the installation is complete, go to Administration > Crosswork Manager and confirm all of the applications are reporting a Healthy status.

    Note

     

    It is expected that some processes will be reported as unhealthy or degraded as the upgrade is deployed (an updated status may take up to 30 minutes before reporting). If, after 30 minutes, the status does not change to Healthy, contact your Cisco Customer Experience representative. It is recommended to wait until the system is back to Healthy status before proceeding to install the next patch file.

Step 3

Repeat step 2 for each application patch file that you need to install: see the tables at the beginning of this topic for more details.

Step 4

Install the Crosswork Infrastructure script:

  1. In case you have not done it already, decompress and verify the signature of the signed Crosswork Infrastructure script (signed-cw-na-infra-script-4.4.4.tar.gz).

    Example:

    cd <folder where tar was download>
tar -xzvf signed-cw-na-infra-script-4.4.4.tar.gz 
README
cw-na-infra-script-4.4.4.tar.gz
cw-na-infra-script-4.4.4.tar.gz.signature
CW-CCO_RELEASE.cer
cisco_x509_verify_release.py3
    python3 cisco_x509_verify_release.py3 -e CW-CCO_RELEASE.cer -i cw-na-infra-script-4.4.4.tar.gz -s cw-na-infra-script-4.4.4.tar.gz.signature -v dgst -sha512
Retrieving CA certificate from http://www.cisco.com/security/pki/certs/crcam2.cer ...
Successfully retrieved and verified crcam2.cer.
Retrieving SubCA certificate from http://www.cisco.com/security/pki/certs/innerspace.cer ...
Successfully retrieved and verified innerspace.cer.
Successfully verified root, subca and end-entity certificate chain.
Successfully fetched a public key from CW-CCO_RELEASE.cer.
Successfully verified the signature of cw-na-infra-script-4.4.4.tar.gz using CW-CCO_RELEASE.cer

  2. Extract the Crosswork Infrastructure script. 

    cd <folder where tar was download>
tar -xzvf cw-na-infra-script-4.4.4.tar.gz
cw-na-infra-script-4.4.4/
cw-na-infra-script-4.4.4/cw-na-infra-script-4.4.4.sh
cw-na-infra-script-4.4.4/cleanupOldCasLogs.sh
cw-na-infra-script-4.4.4/readme.txt
cw-na-infra-script-4.4.4/gluster_logRotate.sh

  3. This step is only applicable when you upgrade from Crosswork 4.1.0 version: Execute the following commands from the directory containing the bash script. 

    scp ./cw-na-infra-script-4.4.4.sh cw-admin@<cw mgmt-ip>:/home/cw-admin/
scp ./cleanupOldCasLogs.sh cw-admin@<cw mgmt-ip>:/home/cw-admin

    Note

     
    Replace <cw mgmt-ip> with the management IP address used for your Crosswork deployment.

  4. This step is only applicable when you upgrade from Crosswork 4.1.0 version: Execute the bash script. Running the script results in the deletion of previous logs during the installation. Upon completing the installation, the log4j2 utility will automatically manage log roll-over.

    Note

     

    To run the script correctly, provide the required input as prompted in the script.

    		 
    cd /home/cw-admin
chmod +x ./cw-na-infra-script-4.4.4.sh
chmod +x ./cleanupOldCasLogs.sh
./cw-na-infra-script-4.4.4.sh

    The patch script cleans up the old log files during installation and log4j2 automates the log rollover post-installation.

    In the case of installations over non-IANA-based TLDs (top-level domain) like "cnc-server.kaf", add the TLD part to the CAS properties using the script. In the case of installations over general TLDs like ".com" or ".org", indicate "no" as the input for this step. If not, continue with yes as the input and “kaf” as the value based on the DNS name.

    This script restarts the Crosswork Infrastructure pods that were patched for the new patched image to take effect. Monitor the script and enter yes for each of the pods as prompted.

  5. Execute the log rotate bash script that you downloaded in step 4b. 

    chmod +x ./gluster_logRotate.sh

./gluster_logRotate.sh

    Note

     

    Copy and execute the gluster_logRotate.sh script on all hybrid nodes.

Known Issues and Limitations

The table below shows known issues and limitations that should be taken into account before starting to work with Cisco Crosswork Network Controller 4.1.4.

Table 4. Crosswork Data Gateway

Feature

Limitation

Global Parameters

When a port value is changed in the Administration > Data Gateway Global Settings > Data Gateway > Global Parameters window, an error occurs indicating that some data gateways were not updated.

This is a transient issue and gets automatically resolved after a few minutes.