3. In the Azure deployment wizard, under Basics, configure your Catalyst Center VA for deployment.
- Under Project details, provide the required details:
  - From the Subscription drop-down list, choose a subscription.
  - From the Resource group drop-down list, choose an existing resource group or create a new one.
- Under Instance details, provide the required details. This table lists the required fields, their descriptions, and input examples.
  | Field | Description | Example |
  | --- | --- | --- |
  | Virtual machine name | Enter a unique name for the Catalyst Center VA. | catalyst-center-va-eastus |
  | Region | From this drop-down list, choose a region for the deployment. | (US) East US |
  | Deploy to an Azure Extended Zone | Make sure that this check box is unchecked. Check this check box only if you need to deploy Catalyst Center to an Azure extended zone. | — |
  | Availability options | Choose a VM availability option. | Availability zone |
  | Zone options | Indicate how you want the zone to be assigned. | Self-selected zone |
  | Availability zone | Choose one availability zone or multiple availability zones. Note: One availability zone supports one VM. If you choose multiple availability zones, choose a VM for each zone. | Zone 1 |
  | Security type | Choose a VM security type. | Standard |
  | Image | Choose the Catalyst Center image in Azure Marketplace. | Cisco Catalyst Center Virtual Appliance – x64 Gen1 |
  | VM architecture | Indicate the VM architecture. It must match the image architecture. | x64 |
  | Run with Azure Spot discount | Make sure that this check box is unchecked. | — |
  | Size | Choose the VM size. | Standard_E32s_v4 – 32 vCPUs, 256 GiB ($1,132.96/mo) |
  | Enable Hibernation | Make sure that this check box is unchecked. Note: This option is not supported for the selected image and size. | — |
- Under Administrator account, provide the required details. This table lists the required fields, their descriptions, and input examples.
  | Field | Description | Example |
  | --- | --- | --- |
  | Authentication type | Choose the SSH public key login method. | SSH public key |
  | Username | Enter the default admin username (maglev) for Catalyst Center. | maglev |
  | SSH public key source | From this drop-down list, choose the key that the enterprise network uses to establish an SSH connection with Catalyst Center on Azure. | Generate new key pair |
  | SSH Key Type | From this drop-down list, choose the key type that the enterprise network uses to establish an SSH connection with Catalyst Center on Azure. Note: The RSA SSH format is the recommended key type. | RSA SSH Format |
  | Key pair name | Enter a name for the SSH key pair. Note: Azure automatically generates and stores the SSH key pair for secure access. You can also pass the existing key name. | catalyst-center-ssh-key |
- Under Disks, verify that the default disk configuration is in place. The Catalyst Center image in Azure Marketplace predetermines the disk configuration.
  Do not manually modify the existing disks or add new disks.
- Under Networking, provide the required details:
  - Virtual Network (VNet): Choose an existing virtual network or create a new one.
  - Subnet: Select a subnet within the virtual network.
  - Public IP: Select None.
    Ensure that the Catalyst Center VA is not accessible on the public internet for security reasons.
  - NIC Network Security Group (NSG): Choose Advanced. Then select an existing security group or create one. Make sure that the security group contains the required inbound and outbound rules.
- Under Monitoring & Management, enable boot diagnostics and other options if required.
- Under Advanced tab – Custom Data (cloud-init), pass a cloud-init script file into the VM user data during provisioning. This table lists the required cloud-init script keys and their descriptions.
  | Key | Description |
  | --- | --- |
  | mks_cloudinit_version | Enter the cloud-init version. |
  | addressing_mode | Enter the IP address version. |
  | Network configuration | |
  | address | Enter the static IP address for Catalyst Center. |
  | netmask | Enter the netmask for Catalyst Center. |
  | gateway | Enter the gateway address for Catalyst Center. |
  | routes | Do not enter a route in this field. |
  | name | Enter the name of the enterprise network. |
  | upstream_dns_servers | Enter the enterprise Domain Name System (DNS) server address. |
  | Proxy configuration | |
  | server | (Optional) Enter the enterprise HTTPS proxy server address. |
  | username | (Optional) Enter the HTTPS proxy username. |
  | password | (Optional) Enter the HTTPS proxy password. |
  | Network Time Protocol (NTP) configuration | |
  | servers | (Optional) Enter a custom NTP server address that is reachable from the Catalyst Center subnet. The default NTP server address is 168.61.215.74. |
  | Catalyst Center configuration | |
  | fqdn | Enter the fully-qualified domain name (FQDN) for Catalyst Center. |
  | cli_password | Enter the CLI password for Catalyst Center. |

  Note (cli_password)
  The password must
  The password must not include
  - the username or any two consecutive characters of the username
  - context-specific words, such as the service name, username, derivatives, Cisco, and maglev
  - four consecutive characters, except for special characters, and
  - any tabs or line breaks.
Note
- The Catalyst Center image in Azure Marketplace uses cloud-init to process custom data.
- Each key in the user data script specifies a mandatory value that Catalyst Center uses.
- Use the correct syntax for each key that you configure. Azure does not validate the syntax of the input. If the syntax or values are invalid, the Catalyst Center VA may not boot.
- Use the same CLI password for cli_password and echo "password" in the script. The CLI password must be passed within the script.
- The volume expansion logs are available at: /var/log/magctl-expand.log
- To verify the successful expansion of the Catalyst Center instance storage on Azure, run:

  ```
  xfs_quota -xc 'report -h -p /data/maglev/srv/ndp'
  ```
Azure does not allow the selection of private IP addresses during an Azure Marketplace deployment. You must use the next available IP address in the virtual network. Make sure to use this IP address in the cloud-init script. For example:

```yaml
#cloud-config
write_files:
  - path: /etc/cloud.json
    content: |
      {
        "mks_cloudinit_version": 1,
        "addressing_mode": "ipv4",
        "network": [
          {
            "address": "10.10.0.10",
            "netmask": "255.255.255.0",
            "gateway": "10.10.0.1",
            "routes": [],
            "name": "enterprise"
          }
        ],
        "upstream_dns_servers": ["10.0.0.2"],
        "proxy": {
          "server": "http://10.30.0.42:3128",
          "username": "proxyadmin",
          "password": "Proxypass"
        },
        "ntp": {
          "servers": ["168.61.215.74"]
        },
        "fqdn": "catalyst.center.example.com",
        "cli_password": "Public1@3"
      }
  - path: /usr/local/bin/wait_for_ndp_and_expand.sh
    permissions: '0755'
    content: |-
      #!/bin/sh
      LOG_FILE="/var/log/magctl-expand.log"
      echo "$(date) : Waiting 35 minutes before expanding volume" >> "$LOG_FILE"
      sleep 2100 # 35 minutes
      echo "$(date) : Executing magctl azure expand volume" >> "$LOG_FILE"
      echo "Public1@3" | sudo -S magctl azure expand volume >> "$LOG_FILE" 2>&1
      if [ $? -eq 0 ]; then
        echo "$(date) : magctl expand completed successfully" >> "$LOG_FILE"
      else
        echo "$(date) : ERROR - magctl expand failed" >> "$LOG_FILE"
      fi
cloud_final_modules:
  - ssh-authkey-fingerprints
  - keys-to-console
  - phone-home
  - scripts-user
runcmd:
  - [ "sh", "-c", "/usr/local/bin/wait_for_ndp_and_expand.sh" ]
```
If you are not using a proxy, remove the proxy details from the cloud-init script. For example:

```yaml
#cloud-config
write_files:
  - path: /etc/cloud.json
    permissions: '0644'
    content: |-
      {
        "mks_cloudinit_version": 1,
        "addressing_mode": "ipv4",
        "network": [
          {
            "name": "enterprise",
            "gateway": "10.30.0.1",
            "address": "10.30.0.6",
            "netmask": "255.255.255.0",
            "routes": []
          }
        ],
        "upstream_dns_servers": [
          "172.20.0.5"
        ],
        "ntp": {
          "servers": [
            "168.61.215.74"
          ]
        },
        "fqdn": "catalyst.center.example.com",
        "cli_password": "P@ssword10"
      }
  - path: /usr/local/bin/wait_for_ndp_and_expand.sh
    permissions: '0755'
    content: |-
      #!/bin/sh
      LOG_FILE="/var/log/magctl-expand.log"
      echo "$(date) : Waiting 35 minutes before expanding volume" >> "$LOG_FILE"
      sleep 2100 # 35 minutes
      echo "$(date) : Executing magctl azure expand volume" >> "$LOG_FILE"
      echo "P@ssword10" | sudo -S magctl azure expand volume >> "$LOG_FILE" 2>&1
      if [ $? -eq 0 ]; then
        echo "$(date) : magctl expand completed successfully" >> "$LOG_FILE"
      else
        echo "$(date) : ERROR - magctl expand failed" >> "$LOG_FILE"
      fi
cloud_final_modules:
  - ssh-authkey-fingerprints
  - keys-to-console
  - phone-home
  - scripts-user
runcmd:
  - [ "sh", "-c", "/usr/local/bin/wait_for_ndp_and_expand.sh" ]
```
Azure provisions the VM and automatically applies the configuration during the first boot.
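Because Azure does not validate the custom data, a pre-deployment check such as the following can catch a script that would leave the VA unable to boot; this is an added example, not Cisco tooling or part of the original procedure. The `validate` function, the constructed sample, and the case-insensitive reading of the username and context-word rules are assumptions, and the remaining password rules on the page are not checked.

```python
import ipaddress
import json
import re

REQUIRED = ("mks_cloudinit_version", "addressing_mode", "network",
            "upstream_dns_servers", "fqdn", "cli_password")
USERNAME = "maglev"  # default admin username named on the page
# Constructed sample: the gateway is off-subnet and the piped password differs.
SAMPLE = '''#cloud-config
write_files:
  - path: /etc/cloud.json
    content: |
      {"mks_cloudinit_version": 1, "addressing_mode": "ipv4",
       "network": [{"address": "10.10.0.10", "netmask": "255.255.255.0",
                    "gateway": "10.20.0.1", "routes": [], "name": "enterprise"}],
       "upstream_dns_servers": ["10.0.0.2"], "fqdn": "cc.example.com",
       "cli_password": "Constructed#9x"}
  - path: /usr/local/bin/wait_for_ndp_and_expand.sh
    content: |-
      echo "Different#7y" | sudo -S magctl azure expand volume
'''

def validate(user_data):
    """Return a list of problems; an empty list means every check passed."""
    try:  # decode the JSON object that follows the /etc/cloud.json path
        start = user_data.index("{", user_data.index("/etc/cloud.json"))
        cfg, _ = json.JSONDecoder().raw_decode(user_data, start)
    except ValueError as exc:  # entry missing or JSON malformed
        return [f"cloud.json is not valid JSON: {exc}"]
    problems = [f"missing key: {k}" for k in REQUIRED if k not in cfg]
    for net in cfg.get("network", []):
        try:
            subnet = ipaddress.ip_network(f'{net["address"]}/{net["netmask"]}', strict=False)
            if ipaddress.ip_address(net["gateway"]) not in subnet:
                problems.append(f'gateway {net["gateway"]} is outside {subnet}')
        except (KeyError, ValueError) as exc:
            problems.append(f"bad network entry: {exc!r}")
        if net.get("routes"):
            problems.append("routes must be left empty")
    pw = cfg.get("cli_password", "")
    piped = re.findall(r'echo\s+"([^"]*)"\s*\|\s*sudo\s+-S', user_data)
    if piped != [pw]:
        problems.append("cli_password differs from the password piped to sudo -S")
    pairs = {USERNAME[i:i + 2] for i in range(len(USERNAME) - 1)}
    if "cisco" in pw.lower() or any(p in pw.lower() for p in pairs):
        problems.append("cli_password contains a context word or part of the username")
    if re.search(r"[\t\r\n]", pw):
        problems.append("cli_password contains a tab or line break")
    return problems
```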