Deploy Catalyst Center Platform

Catalyst Center platform deployments

A Catalyst Center platform deployment is an enterprise network management solution that

  • includes installation and integration of multiple platform components,

  • supports modular configuration through bundles and API integration, and

  • provides centralized management and monitoring for network infrastructure.

Additional reference information:

  1. To install the latest version of Catalyst Center, see Installation of Catalyst Center Platform.

  2. To configure the integration settings, see Configure integration settings.

After you deploy the Catalyst Center platform, you must:

  • Review the API prerequisites. For information, see API prerequisites.

  • Review the brief feature descriptions in Overview in the GUI to understand the Catalyst Center platform. For information, see Platform overview.

  • Go to Bundles in the GUI. Enable, configure, and activate the bundles needed for your network. For information, see Bundle features.

Installation of Catalyst Center Platform

When you install Catalyst Center, you also install the Catalyst Center platform. A separate installation procedure is not required for the Catalyst Center platform.

For information about installing Catalyst Center, see the Cisco Catalyst Center Installation Guide.

Additional information:

  • The Catalyst Center platform is accessible to a user with a SUPER-ADMIN-ROLE.

  • After logging in with a SUPER-ADMIN-ROLE, you can view the Catalyst Center platform and perform actions through its GUI.

  • As a user with a SUPER-ADMIN-ROLE, you can create a custom role that grants read, write, or deny permissions for features such as application programming interfaces (APIs), bundles, events, and reports on the platform.

  • From the main menu, choose System > Users & Roles > Role Based Action Access Control to access this feature.

Configure integration settings

If firewalls or other rules exist between Catalyst Center and any third-party applications that need to reach Catalyst Center platform, configure Integration Settings. This occurs when the IP address of Catalyst Center is mapped internally to another IP address that provides internet or external network access.


Important

After you back up and restore Catalyst Center, you must access the Integration Settings window and update (if necessary) the Callback URL Host Name or IP Address using this procedure.

Before you begin

You have deployed Catalyst Center platform as described earlier in the documentation.

Procedure

Step 1

From the main menu, choose System > Settings > System Configuration > Integration Settings.

Step 2

Enter the Callback URL Host Name or IP Address that the third-party application needs to connect to when communicating with Catalyst Center platform.

Note

 

The Callback URL Host Name or IP Address is the external-facing hostname or IP address that is mapped internally to Catalyst Center. Configure the virtual IP (VIP) address for a setup with three nodes.

Step 3

Click Apply.

What to do next

Review the API prerequisites for the Catalyst Center platform to function correctly.

API prerequisites

Meet these Application programming Interface (API) prerequisites to work with the Catalyst Center API and the Catalyst Center platform.

Supported Programming Language

Use a supported programming language and complete the required tasks to run the code previews.

For example, to use Python scripts generated by Catalyst Center platform, you must install the requests library. You can use pip (Pip Installs Packages) to install using a CLI command: 

pip install requests

Code previews for these languages are available in the GUI:

  • Shell

  • Node - HTTP

  • Node - Unirest

  • Node - Request

  • Python

  • Ruby

  • JavaScript

  • JQuery

  • PHP

  • Go

  • Ansible

Authentication

The Catalyst Center APIs use token-based authentication. A token remains valid for 60 seconds (1 minute). To access the API, use an authentication script in your supported programming language. For example, run this Python script to log in: 


def get_token():
    token = requests.post(
       ‘https://<cluster IP>/api/system/v1/auth/token’,
       auth=HTTPBasicAuth(
           username=<username>,
           password=<password>
       ),
	  headers={'content-type': 'application/json'},
	  verify=False,
    )
    data = token.json()
    return data[‘Token’]

Supporting Role-Based Access Control

Catalyst Center platform supports Role-Based Access Control (RBAC), which enables a user with SUPER-ADMIN-ROLE privileges to define custom roles that permit or restrict users access to certain platform features.

Use this procedure to define a custom role and assign someone to that role.


Note

If you have a SUPER-ADMIN-ROLE, you can access Catalyst Center platform. You can log in and view the Catalyst Center platform, as well as perform actions through its GUI after logging in as a user with a SUPER-ADMIN-ROLE. The NETWORK-ADMIN-ROLE and the OBSERVER-ROLE have limited capabilities with the Catalyst Center platform. For example, these two roles do not permit the user to do these actions:

  • Generate reports

  • Subscribe to events

  • Configure event settings

  • Enable and configure bundles

  • Configure users and roles.

For more information, see the "Manage Users" chapter in Cisco Catalyst Center Administrator Guide.

Before you begin

You must have SUPER-ADMIN-ROLE privileges to perform this procedure.

Procedure

Step 1

Define a custom role.

  1. From the main menu, choose System > Users & Roles > Role Based Access Control.

  2. Click Create a New Role.

    The Create a User Role window appears. If you are setting up RBAC for the first time, the system prompts you to assign users after you create the new role.

  3. Click Let's Do it.

    If you want to skip this screen in the future, select the Don't show this to me again check box.

    The Create a New Role window appears.

  4. Enter a name for the role and then click Next.

    The Define the Access window appears with a list of options.

  5. Click > next to Platform to expand it.

    These options appear. You can set Deny (the default), Read, or Write permissions for the new role:

    • APIs: Allows you to view and try out the APIs.

    • Bundles: Allows you to configure and activate the bundles and IT Service Management (ITSM) integration settings.

    • Events: Allows you to configure event settings for email, REST API endpoints, and Simple Network Management Protocol (SNMP) traps.

    • Reports: Allows you to schedule, view, and download reports.

  6. Click Next.

    The Summary window appears.

  7. Review the summary. If the summary information is correct, click Create Role. Otherwise, click Edit and make the appropriate changes.

Step 2

Assign a user to the custom role you just created by clicking Add Users.

The User Management > Internal Users window appears, which allows you to assign the custom role to an existing user or a new user.

  • To assign the custom role to an existing user:

    1. In the Internal Users window, click the radio button next to the user to whom you want to assign the custom role, and then click Edit.

      The Update Internal User slide-in pane appears.

    2. From the Role List drop-down list, choose the custom role, and then click Save.

  • To assign the custom role to a new user:

    1. Click Add.

      The Create Internal User slide-in pane appears.

    2. Enter the first name, last name, email, and username in the fields provided.

    3. From the Role List drop-down list, choose the custom role to assign to the new user.

    4. Enter the password and then confirm it.

    5. Click Save.

Step 3

If you were logged in when the administrator changed your access permissions, log out and log back in to activate your new permissions.