Overview

You can add additional appliances to a cluster using the Maglev Configuration wizard.

Do the steps in this procedure to configure the second and third appliances in the cluster.

In order to build a three-node cluster, the same version of the System package must be installed on your three Catalyst Center appliances. Otherwise, unexpected behavior and possible downtime can occur.

Before you configure the appliances in a three-node cluster, ensure that you have logged out of those appliances. Otherwise, the Quick Start workflow (which you complete to discover your network's devices and enable telemetry) will not start after you have configured your cluster's appliances and log in to Catalyst Center for the first time.

Ensure that all of the IP addresses you enter while completing this procedure are valid addresses with valid netmasks. Also make sure that the addresses and their corresponding subnets do not overlap. Service communication issues can result if they do.

When joining each new secondary node to the cluster, you must specify the physical IP address of the cluster link of the first host in the cluster.

If you are replacing a node in an HA-enabled cluster, use the physical IP address of the cluster link of either of the remaining nodes.

When joining secondary nodes to a cluster, understand:

Be sure to join only a single node to the cluster at a time. Do not attempt to add multiple nodes at the same time, because this results in unpredictable behavior.
Before adding a new node to the cluster, be sure that all installed packages are deployed on the primary node. You can check this by using Secure Shell to log in to the primary node's Catalyst Center Management port as the Linux user (maglev) and then running the command maglev package status. All installed packages should appear in the command output as DEPLOYED.
Expect some service downtime during the cluster attachment process for each secondary node. Services will need to be redistributed across the nodes, and the cluster will be down for periods of time during that process.

Before you begin

Ensure that you:

Configured the first appliance in the cluster according to the steps in Configure the primary node using the Maglev wizard.
Collected all of the information specified in Required IP addresses and subnets and Required configuration information.
Installed the second and third appliances, as described in Appliance installation workflow.
Have done these steps:
1. Ran the maglev package status command on the first appliance.
  
  You can also access this information from the Catalyst Center GUI by clicking the Help icon () and choosing About > Packages.
2. Contacted the Cisco TAC, gave them the output of this command, and asked them to point you to the ISO that you should install on your second and third appliances.
Configured Cisco IMC browser access on both secondary appliances, as described in Enable browser access to the Cisco Integrated Management Controller.
Checked that both the secondary appliances' ports and the switches they use are properly configured (as described in Execute preconfiguration tasks).
Confirmed that you are using a compatible browser. For a list of compatible browsers, see the Release Notes document for the version of Catalyst Center you are installing.
Enabled ICMP on the firewall between Catalyst Center and both the default gateway and the DNS server you specify in this procedure. The Maglev Configuration wizard uses ping to verify the gateway and DNS server you specify.

Caution

This ping might get blocked if a firewall is in place and ICMP is not enabled on that firewall. When this happens, you will not be able to complete the wizard.

Procedure

Point your browser to the Cisco IMC IP address you set during the Cisco IMC GUI configuration you performed, and log in to the Cisco IMC GUI as the Cisco IMC user (see Enable browser access to the Cisco Integrated Management Controller).

After successful login, the appliance displays the Cisco Integrated Management Controller Chassis Summary window, with a hyperlinked menu at the top of the window.

From the hyperlinked menu, select Launch KVM and then select HTML based KVM.

The KVM console opens in a separate window or tab automatically. Use it to monitor the progress of the configuration and respond to the Maglev Configuration wizard prompts.

With the KVM displayed, reboot the appliance by selecting one of these options:

In the main Cisco IMC GUI browser window: Choose Host Power > Power Cycle, and switch to the KVM console to continue.
In the KVM console: Choose Power > Power Cycle System (cold boot).

If you are asked to confirm your choice to reboot the appliance, click OK.

After displaying reboot messages, the KVM console displays the Static IP Configuration screen.

The KVM console displays the Static IP Configuration screen with Skip located in the bottom-right corner.

Click Skip.

The KVM console displays the Maglev Configuration wizard welcome screen.

The Maglev Configuration wizard displays two Cisco DNA Center cluster options for how you would like to configure the secondary node.

Note

Only users that want to configure their appliance using one of the browser-based wizards without using the IP address, subnet mask, and default gateway assigned to the appliance's Enterprise interface by a DHCP server need to complete this screen.

Click Join a Catalyst Center Cluster to begin configuring the secondary node.

The screen updates.

The Maglev Configuration wizard displays the step to choose the IP addressing mode to be used for services and applications. The Next button is in the bottom-right corner.

Do these steps, then click next>> to continue:

Specify whether the applications and services running on your Catalyst Center appliance will use IPv4 or IPv6 addressing.
(Optional) Check the Enable FIPS Mode check box to enable FIPS mode on your Catalyst Center appliance.

See FIPS mode support for things to keep in mind when enabling FIPS mode on an appliance.

In the next wizard screen, you can enable the VLAN mode feature, which creates a single bonded interface that connects to your network using both the primary and secondary instance of your appliance's Enterprise interface. This feature is not commonly used, so only enable it if you know it's required by your Catalyst Center deployment.

If this is the case, complete the next step.

Otherwise, click next>> in the next wizard screen without making any selections. You can enable the NIC bonding functionality that was described previously in this guide in the wizard's Enterprise and Intracluster interface configuration screens.

(Optional) Do these steps to enable Layer 2 port channel mode (with VLAN tagging) for the appliance. After making your selections, click next>> to continue.

The Maglev Configuration wizard displays the optional step of enabling Layer 2 port channel mode.

Select the VLAN mode option to enable dot1q/VLAN trunking and convert your appliance's Enterprise, Cluster, Management, and Internet interfaces into VLAN subinterfaces that reside on the bonded interface (as illustrated in this figure). By default, this interface operates in Active-Backup mode (which enables HA).
If you want this interface to operate in LACP mode instead (which enables load balancing and higher bandwidth), you must also select the LACP option.
When you enter the settings for your appliance's Enterprise and Cluster interfaces, ensure that you enter a unique VLAN ID in the VLAN ID of Interface field for the subinterfaces you want to configure on the virtual bonded interface.

Even though one physical appliance interface (the Enterprise interface) is connected, you can configure all of the subinterfaces that reside on the virtual bonded interface.

The wizard discovers all of the ports on the appliance and presents them to you one by one, in separate screens, in this order:

(Required) 10-Gbps Enterprise port—network adapter #1
(Required) 10-Gbps Cluster port—network adapter #2
(Optional) 1-Gbps/10-Gbps Management port—network adapter #3
(Optional) 1-Gbps/10-Gbps Internet port—network adapter #4

If the wizard fails to display either or both of the Enterprise and Cluster ports during the course of configuration, it might indicate that these ports are nonfunctional or disabled. These two ports are required for Catalyst Center functionality. If you discover that they are nonfunctional, select cancel to exit the configuration wizard immediately. Be sure that you have completed all of the steps provided in Execute preconfiguration tasks before resuming the configuration or contacting the Cisco Technical Assistance Center.

The wizard first presents the 10-Gbps Enterprise port as NETWORK ADAPTER #1. As explained in Interface cable connections, this is a required port used to link the appliance to the enterprise network. Apply the host IP address, netmask, and other values that are appropriate for this purpose (see Required IP addresses and subnets and Required configuration information for the values to enter).

The Maglev Configuration wizard displays the step to enter the network settings for the first network adapter.

Enter the configuration values for NETWORK ADAPTER #1, as shown in this table.

Table 1. Secondary node entries for network adapter #1: 10 Gbps Enterprise port
Host IPv4/IPv6 Address field	Enter the IP address for the Enterprise port. This is required.
IPv4 Netmask/IPv6 Prefix Length field	Do one of these tasks if you entered an IP address: If you selected IPv4 addressing, enter the netmask for the port's IP address. This is required. If you selected IPv6 addressing, enter the prefix length (in bits). Valid values range from 10 through 127.
Default Gateway IPv4/IPv6 address field	Enter a default gateway IP address to use for the port. Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.
IPv4/IPv6 DNS Servers field	Enter the IP address of the preferred DNS server. If you are entering multiple DNS servers, separate the IP addresses in the list with spaces. For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.
IPv4/IPv6 Static Routes field	Enter one or more static routes in this format, separated by spaces: <network>/<netmask>/<gateway>. This is usually required on the Catalyst Center Management port only.
Vlan Id of Interface field	Enter the VLAN ID that will be tagged over the LACP link to be created for the appliance you are configuring. Note This field is displayed only if you set the Layer 2 LACP port channel mode for the appliance by choosing both options in the previous step.
Cluster Link field	Leave this field blank. It is required on the Cluster port only.
LACP Mode field	Do one of these tasks: Leave this field blank and the port will operate in Active-Backup mode. This mode provides fault tolerance by aggregating two Ethernet interfaces into a single logical channel. When the interface that's currently active goes down, the other interface takes its place and becomes active. Check the check box to enable LACP mode on this port. This mode aggregates two Ethernet interfaces that share the same speed and duplex settings into a single logical channel. This provides load balancing and higher bandwidth. For more information about Catalyst Center's implementation of NIC bonding, see NIC bonding overview. Note This field is displayed if you didn't select any of the options in the previous step.

After you finish entering the configuration values, click next>> to continue. The wizard validates the values you entered and issues an error message if any are incorrect. If you receive an error message, check that the value you entered is correct, then reenter it. If needed, click <<back to reenter it.

After successful validation of the Enterprise port values you entered, the wizard presents the 10-Gbps Cluster port and presents it as NETWORK ADAPTER #2. As explained in Interface cable connections, this port is used to link the appliance to the cluster, so apply the host IP address, netmask, and other values that are appropriate for this purpose (see Required IP addresses and subnets and Required configuration information for the values to enter).

The Maglev Configuration wizard displays the step to enter the network settings for the second network adapter.

Enter the configuration values for NETWORK ADAPTER #2, as shown in this table.

Table 2. Secondary node entries for network adapter #2: 10 Gbps Cluster port
Host IPv4/IPv6 address field	Enter the IP address for the Cluster port. This is required. Note You cannot change the address of the Cluster port later.
IPv4 Netmask/IPv6 Prefix Length field	Do one of these tasks if you entered an IP address: If you selected IPv4 addressing, enter the netmask for the port's IP address. This is required. If you selected IPv6 addressing, enter the prefix length (in bits). Valid values range from 10 through 127.
Default Gateway IPv4/IPv6 address field	Enter a default gateway IP address to use for the port. Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.
IPv4/IPv6 DNS Servers field	Enter the IP address of the preferred DNS server. If you are entering multiple DNS servers, separate the IP addresses in the list with spaces. For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.
IPv4/IPv6 Static Routes field	Enter one or more static routes in this format, separated by spaces: <network>/<netmask>/<gateway>. This is usually required on the Management port only.
Vlan Id of Interface field	Enter the VLAN ID that will be tagged over the LACP link to be created for the appliance you are configuring. Note This field is displayed only if you set the Layer 2 LACP port channel mode for the appliance by choosing both options in Step 7.
Cluster Link field	Check the check box to set this port as the link to a Catalyst Center cluster. This is required on the Cluster port only.
LACP Mode field	Do one of these tasks: Leave this field blank and the port will operate in Active-Backup mode. This mode provides fault tolerance by aggregating two Ethernet interfaces into a single logical channel. When the interface that's currently active goes down, the other interface takes its place and becomes active. Check the check box to enable LACP mode on this port. This mode aggregates two Ethernet interfaces that share the same speed and duplex settings into a single logical channel. This provides load balancing and higher bandwidth. For more information about Catalyst Center's implementation of NIC bonding, see NIC bonding overview. Note This field is displayed if you didn't select any of the options in Step 7. You can only enable LACP mode on your appliance's Intracluster interface during the initial configuration of your appliance.

After you provide the necessary information, click next>> to continue. Correct validation errors, if any, as you did in previous screens. The wizard validates and applies your network adapter configurations.

10.

After successful validation of the Cluster port values you entered, the wizard presents the 1 Gbps/10 Gbps Management port and presents it as NETWORK ADAPTER #3. As explained in Interface cable connections, this port is used to access the Catalyst Center GUI from your management network. Apply the host IP address, netmask, and other values that are appropriate for this purpose (see Required IP addresses and subnets and Required configuration information for the values to enter).

The Maglev Configuration wizard displays the step to enter the network settings for the third network adapter.

Enter the configuration values for NETWORK ADAPTER #3, as shown in this table.

Table 3. Secondary node entries for network adapter #3: 1 Gbps/10 Gbps Management port
Host IPv4/IPv6 address field	Enter the IP address for the Management port. This is required only if you are using this port to access the Catalyst Center GUI from your management network; otherwise, you can leave it blank.
IPv4 Netmask/IPv6 Prefix Length field	Do one of these tasks: If you selected IPv4 addressing, enter the netmask for the port's IP address. This is required. If you selected IPv6 addressing, enter the prefix length (in bits). Valid values range from 10 through 127.
Default Gateway IPv4/IPv6 address field	Enter a default gateway IP address to use for the port. Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.
IPv4/IPv6 DNS Servers field	Enter the IP address of the preferred DNS server. If you are entering multiple DNS servers, separate the IP addresses in the list with spaces. For NTP, ensure port 123 (UDP) is open between Catalyst Center and your NTP server. For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.
IPv4/IPv6 Static Routes field	Enter one or more static routes in this format, separated by spaces: <network>/<netmask>/<gateway>.
Cluster Link field	Leave this field blank. It is required on the Cluster port only.

11.

After successful validation of the Management port values you entered, the wizard presents the 1 Gbps/10 Gbps Internet port as NETWORK ADAPTER #4. As explained in Interface cable connections, this is an optional port used to link the appliance to the Internet when you cannot do so through the 10 Gbps Enterprise port. Apply the host IP address, netmask, and other values that are appropriate for this purpose (see Required IP addresses and subnets and Required configuration information for the values to enter).

Enter the configuration values for NETWORK ADAPTER #4, as shown in this table.

Table 4. Secondary node entries for network adapter #4: 1 Gbps/10 Gbps Internet port
Host IPv4/IPv6 address field	Enter the IP address for the Internet port. This is required only if you are using the Internet port for internet connection; otherwise, you can leave it blank.
IPv4 Netmask/IPv6 Prefix Length field	Do one of these tasks: If you selected IPv4 addressing, enter the netmask for the port's IP address. This is required. If you selected IPv6 addressing, enter the prefix length (in bits). Valid values range from 10 through 127.
Default Gateway IPv4/IPv6 address field	Enter a default gateway IP address to use for the Internet port. Ensure that you enter a default gateway IP address for at least one of your appliance's interfaces. Otherwise, you will not be able to complete the configuration wizard.
IPv4/IPv6 DNS Servers field	Enter the IP address of the preferred DNS server. If you are entering multiple DNS servers, separate the IP addresses in the list with spaces. For each appliance in your cluster, configure a maximum of three DNS servers. Problems can occur if you configure more than three DNS servers for an appliance.
IPv4/IPv6 Static Routes field	Enter one or more static routes in this format, separated by spaces: <network>/<netmask>/<gateway>. This is usually required on the Management port only.
Cluster Link field	Leave this field blank. It is required on the Cluster port only.

12.

After the network adapter configuration is complete, the wizard prompts you to enter configuration values for the NETWORK PROXY that you are using, as shown.

The Maglev Configuration wizard displays the step to enter the network proxy configuration settings.

Enter the configuration values for the NETWORK PROXY, as shown in this table.

Table 5. Secondary node entries for network proxy
HTTPS Proxy field	Enter the URL or host name of an HTTPS network proxy used to access the Internet. Note Connection from Catalyst Center to the HTTPS proxy is supported only through HTTP in this release. If you enter an IPv6 URL that contains a port number, enclose the IP address portion of the URL in square brackets. In this example, 443 is the port number: http://[2001:db8:85a3:8d3:1319:8a2e:370:7348]:443/
HTTPS Proxy Username field	Enter the user name used to access the network proxy. If no proxy login is required, leave this field blank.
HTTPS Proxy Password field	Enter the password used to access the network proxy. If no proxy login is required, leave this field blank.

After you provide the necessary information, click next>> to continue. Correct validation errors, if any, as you did in previous screens.

13.

After the network proxy configuration completes, the wizard prompts you to identify the Cluster port on the primary node and primary node login details in MAGLEV CLUSTER DETAILS (as shown).

The Maglev Configuration wizard displays the step to enter the Maglev cluster details configuration settings.

Enter the values for MAGLEV CLUSTER DETAILS, as shown in this table.

Table 6. Secondary node entries for Maglev cluster details
Maglev Primary Node field	Enter the IP address of the Cluster port on the primary node in the cluster. If you have followed the recommendations for port assignment, this will be the IP address of Network Adapter #2 on the primary node.
Username field	Enter maglev.
Password field	Enter the Linux password you configured on the primary node.

After you provide the necessary information, click next>> to continue. Correct validation errors, if any, as you did in previous screens.

14.

After you have entered the cluster details, the wizard prompts you to enter the USER ACCOUNT SETTINGS values, as shown.

The Maglev Configuration wizard displays the step to enter the user account settings values.

Enter the values for USER ACCOUNT SETTINGS, as shown in this table.

Table 7. Secondary node entries for user account settings
Linux Password field	Enter a Linux password for the maglev user that complies with the Password requirements.
Re-enter Linux Password field	Confirm the Linux password by entering it a second time.
Password Generation Seed field	If you do not want to create the Linux password yourself, enter a seed phrase in this field and then press <Generate Password> to generate the password.
Auto Generated Password field	(Optional) The seed phrase appears as part of a random and secure password. If required, you can either use this password as is, or you can further edit this auto-generated password. Click <Use Generated Password> to save the password.
Administrator Password field	Enter a password for the default admin superuser, used to log in to Catalyst Center for the first time. Ensure that this password complies with the Password requirements.
Re-enter Administrator Password field	Confirm the administrator password by entering it a second time.

After you provide the necessary information, click next>> to continue. Correct validation errors, if any, as you did in previous screens.

15.

After you have entered the user account details, the wizard prompts you to enter NTP SERVER SETTINGS values.

The Maglev Configuration wizard displays the step to enter the NTP server settings values.

Enter the values for NTP SERVER SETTINGS, as shown in this table.


NTP Servers field	Enter one or more NTP server addresses or hostnames, separated by spaces. At least one NTP address or hostname is required. For a production deployment, we recommend that you configure a minimum of three NTP servers.
NTP Authentication check box	To enable the authentication of your NTP server before it's synchronized with Catalyst Center, check this check box and then enter this information: The NTP server's key ID. Valid values range between 1 and 4294967295 (2^32-1). This value corresponds to the key ID that's defined in the NTP server's key file. The SHA-1 key value associated with the NTP server's key ID. This 40-character hex string resides in the NTP server's key file. Note Ensure that you enter a key ID and key value for each NTP server that you configured in the previous field.

16.

When you are finished entering the NTP server settings, a final message appears, stating that the wizard is ready to apply the configuration (as shown).

The Maglev Configuration wizard displays the message that it's ready to apply the configuration on the controller.

Click proceed>> to complete the configuration wizard.

The host will reboot automatically and display messages on the KVM console as it applies your settings and brings up services. This process can take several hours. You can monitor its progress via the KVM console.

At the end of the configuration process, the appliance power cycles again, then displays a CONFIGURATION SUCCEEDED! message.

The Maglev Configuration wizard displays the message that the configuration succeeded with optional next steps.

What to do next

If you have an additional appliance to deploy as the third and final node in the cluster, repeat this procedure.
If you have finished adding hosts to the cluster, do the first-time setup: First-time setup workflow.

Configure a secondary node using the Maglev wizard

Overview

Before you begin

Procedure

What to do next

Need help?