Install CWM using Docker Installer Tool

This section contains the following topics:

Install CWM using Docker Installer Tool

The CWM 2.0 is installed on the Cisco Crosswork platform by first deploying the Crosswork OVA file using a Docker image on the VMware vCenter 7.0 (or higher) and then installing the CWM CAPP file using the installation script.

Installation flowchart

The following flowchart outlines the high-level sequence of tasks for installing CWM Essentials in a VMware environment.

Download CWM package

To download the CWM 2.0 package, go to https://software.cisco.com/download/home/286340306/type/286332171/release/2.0.0.There are four downloadable files there, based on two factors:

  • Virtualization format:

    • OVA files are for VMware

    • QCOW2 files are for KVM

  • Product edition:

    • Either CWM Essentials or CWM Advantage (indicated in the file name).

To install CWM 2.0 Essentials on VMware, download the file with the OVA extension that is labeled for Essentials.


Note

These instructions are specifically for the CWM Essentials package using the OVA file format. If you're using a different edition or format (e.g., CWM Advantage or QCOW2), please refer to the appropriate set of instructions.

Extract CWM Essentials package

Before installing CWM, the software package must be extracted on a system that can access the VMWare environment where CWM will be deployed. This system can be either a local machine or a VM capable of running the installer binaries. For this documentation, we use a Mac laptop for the extraction process.


Note

Alternatively, a Linux-based VM within the same VMWare setup as the target CWM deployment can be used.

Procedure

Step 1

Download the CWM package file named CW-CWM-Standalone-2.0.0-14-SVM-7.1.0-48-ova.signed.bin from software.cisco.com and copy it to a working directory on your Docker-capable machine.

Step 2

Open Terminal and run this command to make the binary executable: 

chmod 755 CW-CWM-Standalone-2.0.0-14-SVM-7.1.0-48-ova.signed.bin

Step 3

Run the binary to extract its contents:

./CW-CWM-Standalone-2.0.0-14-SVM-7.1.0-48-ova.signed.bin

Note

 

Extraction may take a few minutes to complete.

Step 4

After extraction, the folder will contain:

  • The original .signed.bin file

  • An extracted .tar.gz file

  • Additional verification files

Step 5

Untar the tar.gz file: 

tar xzf cw-na-cwm-7.1.0-48-releasecnc710-250606.tar.gz

This will create a new folder named CW-CWM-Standalone-2.0.0-14-SVM-7.1.0-48-ova. Rename the folder for convenience.

Use script to Deploy Crosswork and CWM

Procedure

Step 1

In your Docker-capable machine, create a directory where you will store all the files you will use during this installation.

Note

 
If you are using a Mac, ensure that the directory name is in lower case.

Step 2

The downloaded file containing the Crosswork Network Controller package from cisco.com includes the following files:

  • Crosswork Workflow Manager CAPP package in tar.gz format,

  • Crosswork platform OVA file,

  • install.sh installation script,

  • configuration.json configuration file,

  • Docker installer image tar.gz,

  • a set of instructions.

Step 3

Load the Docker installer image by running the command: docker load -i <installer>.tar.gz.

Step 4

Inside the directory, create a .txt file and paste the VMware installation template given below. For this instruction, we'll name the file deployment.tfvars.txt for example purposes. 

Cw_VM_Image = ""    # Line added automatically by installer.
ClusterIPStack        = "IPv4"
DataIPNetmask         = "255.255.255.0"
DataIPGateway         = "192.168.1.1"
DNS                   = "DNS"
DomainName            = "domain_name"
CWPassword            = "your_crosswork_password"
VMSize                = "XLarge"
vm_sizes = {
        "xlarge" = {
                vcpus           = 24
                cpu_reservation = 24000
                //Memory in Mbytes
                memory = 128000
        }
}
NTP                   = "ntp.esl.cisco.com"
Timezone              = "Europe/Paris"
EnableSkipAutoInstallFeature = "True"
ManagementVIP     = "your_mgmt_vip"
ManagementIPNetmask = "255.255.255.0"
ManagementIPGateway = "your_mgmt_gateway"
ThinProvisioned = true
IgnoreDiagnosticsCheckFailure = "True"
DataVIP           = "your_data_vip"
CwVMs = {
"0" = {
    VMName                = "your_VM_name",
    ManagementIPAddress = "your_mgmt_ip",
    DataIPAddress       = "your_data_ip",
    NodeType               = "Hybrid"
}
}
VCenterDC = {
VCenterAddress = "your_vcenter_address",
VCenterUser = "your_username",
VCenterPassword = "your_password",
DCname = "your_datacenter_name",
MgmtNetworkName = "VM Network",
DataNetworkName = "SVM Data Network"
VMs = [{
    HostedCwVMs = ["0"],
    Host = "your_VM_host",
    Datastore = "your_VM_datastore",
    HSDatastore = "your_VM_hsdatastore"
  }
]
}
SchemaVersion = "7.1.0"

Note

 

Make sure you correctly distinguish between:

  • vCenter Server address (VCenterAddress): This refers to the hostname or IP address of your vCenter server that manages the VMware environment.

  • Datacenter name (DCname): This refers to the specific vSphere Datacenter object within your vCenter inventory where the VM will be deployed.

Step 5

Edit the parameters to match your deployment.

Note

 
To learn more about the installation parameters, please refer to the Single VM chapter in the Cisco Crosswork Network Controller 7.1 Installation Guide.

Step 6

Inside the directory, create another file named product.json file and paste the data below. 

{
"product_image_id": "CWM",
"attributes": {
    "key1": "value1"
}
}

Note

 

The attributes parameter is used to pass metadata or special configuration flags related to the product image, such as is_arbiter, which designates the VM as an arbiter node in a geo-redundant deployment.

Step 7

Open the configuration.json file and provide the following parameters to match your deployment: 

{
    "SVM_NAME": "your_VM_name",
    "host": {
        "remote_user": "your_username",
        "remote_password": "your_password",
        "remote_host": "your_scp_host",
        "remote_port": "22",
        "capp_file": "/path/to/cw-na-cwm-2.0.0-14-release_cwm-2_0_0-250516.tar.gz"
    },  

    "cwm_login": {
        "ip": "your_mgmt_ip",
        "cwm_user": "admin",
        "cwm_old_password": "admin",
        "cwm_password": "your_new_password"
    },
    "deployment": {
        "tfvars_path": "/path/to/deployment.tfvars.txt",
        "ova_file": "/path/to/cwm.ova",
        "product_json": "/path/to/product.json"
    }
}

  1. for host, provide the details of the SCP server where your Crosswork CAPP file is located like host address and port, your username and password, and the path to the file (change sample filename to your actual filename if needed).

  2. for cwm_login, provide your management IP and the default Crosswork username and password. In cwm_password, provide the new password to replace the default one upon installation completion.

  3. for deployment, provide the local paths to the deployment.tfvars.txt created in a previous step, to the CWM OVA file and to the product.json file.

Step 8

From the directory, run the installer script:

bash install.sh

This will start the installation process for the Crosswork platform and then for CWM once the platform is deployed.

Step 9

To monitor the progress of the installation, access the Grafana dashboard which provides a visual summary of each stage (e.g., image unpacking, VM deployment, configuration).

The dashboard is typically accessible at:

https://your_mgmt_vip:30602/d/

Step 10

Once the installation script is done and the deployment status reaches 100%, go to http://your_mgmt_vipx:30603 and log in with the default admin user and the password you provided in configuration.json.

Upgrade CWM with the 2.0.1 patch

To download the CWM 2.0.1 package, go to https://software.cisco.com/download/home/286340306/type/286332171/release/ and locate the 2.0.1 patch package in the available releases.

Patch installation prerequisites

This section describes the prerequisites needed to install the Crosswork Workflow Manager 2.0.1 patch.

  • Install Crosswork Network Controller version 7.1.0. See the Cisco Crosswork Network Controller 7.1 Installation Guide for installation instructions.

  • Download and install Crosswork Network Controller Essentials package.

  • Ensure you have Cisco Crosswork Controller Administrator user credentials.

  • Identify the Management IP address (either a physical IP address or the Virtual IP address) used for your Crosswork VM deployment.

  • Back up your data. For more information, see Manage Crosswork Network Controller Backup and Restore.Additionally, the server being patched should have sufficient space to unarchive and copy the files.

  • At least 5GB of free space in the /home/cw-admin/ directory.

  • At least 1GB of free space in the /tmp/ directory.

Extract and validate patch files

This section explains how to extract and validate the downloaded patch files.

  1. Navigate to the folder where the tar file was downloaded. Example:

    cd <folder where the tar file was downloaded>

    Consider the Crosswork Infrastructure signed patch image signed-cw-na-infra-patch-7.1.1-28-release-250922.tar.gz for this procedure.

  2. Extract the signed file using this command:

    tar -xzvf <signed image file>

    The signed image package contains the patch file (.tar.gz) and relevant certificates for validation. Example: 

    tar -xzvf signed-cw-na-infra-patch-7.1.1-28-release-250922.tar.gz

    Output:

    README
cw-na-infra-patch-7.1.1-28-release-250922.tar.gz
cw-na-infra-patch-7.1.1-28-release-250922.tar.gz.signature
CW-CCO_RELEASE.cer
cisco_x509_verify_release.py3
cisco_x509_verify_release.py

  3. Validate the extracted patch file using this command (single line):

    python3 cisco_x509_verify_release.py3 -e <.cer file> -i <.tar.gz file> -s <.tar.gz.signature file> -v dgst -sha512

    Example:

    python3 cisco_x509_verify_release.py3 -e CW-CCO_RELEASE.cer -i cw-na-infra-patch-7.1.1-28-release-250922.tar.gz -s cw-na-infra-patch-7.1.1-28-release-250922.tar.gz.signature -v dgst -sha512

    Output:

    Retrieving CA certificate from http://www.cisco.com/security/pki/certs/crcam2.cer ...
Successfully retrieved and verified crcam2.cer.
Retrieving SubCA certificate from http://www.cisco.com/security/pki/certs/innerspace.cer ...
Successfully retrieved and verified innerspace.cer.
Successfully verified root, subca and end-entity certificate chain.
Successfully fetched a public key from CW-CCO_RELEASE.cer.
Successfully verified the signature of cw-na-infra-patch-7.1.1-28-release-250922.tar.gz using CW-CCO_RELEASE.cer

  4. Repeat these steps for each patch file you plan to install.

Add and install system OS patch

  1. Create a new backup if you do not already have one.

  2. From the main menu, choose Administration > Crosswork Manager. The Crosswork Summary page is displayed with Crosswork Cluster and Crosswork Platform Infrastructure tiles.

  3. Click the System Management tab.

  4. Click Add OS patch. In the popup window choose either URL or SCP as your preferred protocol. Based on your selection, fill in the additional fields with the required information. Click Add to proceed. Individual jobs are created to add the patch to the repository and to apply the package to each VM in your cluster.

  5. Click System Management > Job History to monitor the status of each job. For details on each node’s operation, open the Job Details page.

  6. Once jobs complete successfully, check that the newly added OS patch is listed under the System updates tab.

  7. To upgrade an installed OS patch, use the Upgrade button in the System updates tab.

  8. (Optional) To see patch details, select the patch file and click Package details. You’ll see information such as package name, version, and description.

  9. (Optional) After all jobs are completed successfully, verify the updated package list for each node by navigating to Administration > Crosswork Manager > System Summary > > View details > Package details tab.

Add and install 2.0.1 patch files

  1. Check the health status of your system. If any components are unhealthy or degraded, resolve the issues or contact your Cisco Customer Experience representative before proceeding.

  2. Click Administration > Crosswork Management > Application Management tab. The Platform Infrastructure and any applications that are added are displayed here as tiles.

  3. Click the Add File (.tar.gz) option to add the CNC infrastructure patch file that you extracted. For example: cw-na-infra-patch-7.1.1-28-release-250922.tar.gz. The Add File (.tar.gz) via Secure Copy popup window is displayed.

  4. Enter the relevant information and click Add.

  5. Once the patch file is added, the existing application tile displays an upgrade prompt. Click the upgrade prompt to install the patch file.

  6. In the Upgrade popup screen, select the new version that you want to upgrade to, and click Upgrade. Click Job History to see the progress of the upgrade operation.

  7. Repeat steps from 2 to 6 to install the extracted CWM 2.0.1 patch tar.gz file. For example: cw-na-cwm-2.0.1-9-releasecwm-201-250911.tar.gz.

  8. After the installation is complete, go to Administration > Crosswork Manager and confirm all of the applications are reporting a Healthy status.