Installing Cisco Elastic Services Controller on Cisco Cloud Services Platform 2100

This chapter describes how to install Cisco Elastic Services Controller on CSP 2100 and includes the following sections:

Prerequisites

Following are the prerequisites that you require before you start installing the ESC instance in CSP 2100.

  • Virtual CPUs 2 (minimum)

  • Memory 8 GB

  • Disk size 80

Installing the Elastic Services Controller Instance in CSP 2100

Once you have completed the tasks specified in the prerequisites section, you can use the following procedure to deploy and launch ESC instance in CSP 2100. Following are the three deployment alternatives available for CSP 2100.

  • ESC with Single and Dual Interfaces

  • ESC HA Installation

ESC with Single and Dual Interface

To install ESC in CSP, you must create the user-data in the following format as the day0 configuration file:

A sample for single interface describing the day zero file as config drive and user data is as follows:

#cloud-config
users:
 - name: admin          # The user's login name
   gecos: admin         # The user name's real name
   groups: esc-user     # add admin to group esc-user
   passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
                        # The hash -- not the password itself -- of the password you want
                        #           to use for this user. You can generate a safe hash via:
                        #               mkpasswd --method=SHA-512 --rounds=4096
   lock-passwd: false   # Defaults to true. Lock the password to disable password login
                        # Set to false if you want to password login
   homedir: /home/admin # Optional. Set to the local path you want to use. Defaults to /home/<username>
   sudo: ALL=(ALL) ALL  # Defaults to none. Set to the sudo string you want to use
 
ssh_pwauth: True        # Defaults to False. Set to True if you want to enable password authentication for sshd.
 
write_files:
# System Configuration
- path: /etc/cloud/cloud.cfg.d/sys-cfg.yaml
  content: |
    network:            # Network configuration
      version: 1        # Network config version 1
      config:
      - type: physical  # Represents a “physical” network device, typically Ethernet-based.
        name: eth0      # The network device name
        subnets:        # Multiple subnet entries can be defined under this portion.{}
        - type: static  # Specify the subnet type. set to 'static' to configure this interface with a static IPv4.
          address: 10.0.0.40   # ESC's Static IP Address
          netmask: 255.255.255.128  # Netmask
          dns_nameservers: ['10.0.0.1']
          routes:
          - gateway: 10.0.0.1 # Default Gateway
            network: 0.0.0.0
            netmask: 0.0.0.0
# ESC Configuration
- path: /opt/cisco/esc/esc-config/esc-cfg.yaml
  content: |
    confd:
      init_aaa_users:
      - name: admin
        passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
      escmanager:
        open_ports:
        - '8080'
        - '8443'
        url:
        - http://0.0.0.0:8080/ESCManager
        - https://0.0.0.0:8443/ESCManager
    esc_service: {}
# Networking
- path: /opt/cisco/esc/esc-config/esc-config.xml
  content: |
    <?xml version="1.0" ?>
    <esc>
        <esc-cloud>
            <http_rest enabled="true"/>
            <auth enabled="false"/>
            <https_rest enabled="false"/>
        </esc-cloud>
        <esc-service>
            <service-init/>
        </esc-service>
    </esc>
# Params
- path: /opt/cisco/esc/esc-config/esc_params.conf
  content: |
    default.enable_cascade_deletion=true
bootcmd:
- [ cloud-init-per, once, disable_ipv6_eth0, sh, -c, "echo net.ipv6.conf.eth0.disable_ipv6 = 1 >> /etc/sysctl.conf"]
# Update the ESC-HOST value with your own hostname
- [ cloud-init-per, once, update_host_name, sh, -c, "echo ESC-HOST >> /etc/hostname && hostnamectl set-hostname ESC-HOST"]
- [ cloud-init-per, once, update_hosts, sh, -c, "echo 127.0.0.1 ESC-HOST >> /etc/hosts"]
runcmd:
- [ cloud-init-per, once, confd_keygen_root, sh, -c, "/usr/bin/escadm confd keygen --user root"]
- [ cloud-init-per, once, confd_keygen_admin, sh, -c, "/usr/bin/escadm confd keygen --user admin"]
- [ cloud-init-per, once, esc_service_start, sh, -c, "chkconfig esc_service on && service esc_service start"] # You must include this line

A sample for dual interfaces describing the day zero file as config drive and user data is as follows:

You can configure an ethernet-based physical network device with a static IPv4 in ESC .

#cloud-config
users:
 - name: admin          # The user's login name
   gecos: admin         # The user name's real name
   groups: esc-user     # add admin to group esc-user
   passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
                        # The hash -- not the password itself -- of the password you want
                        #           to use for this user. You can generate a safe hash via:
                        #               mkpasswd --method=SHA-512 --rounds=4096
   lock-passwd: false   # Defaults to true. Lock the password to disable password login
                        # Set to false if you want to password login
   homedir: /home/admin # Optional. Set to the local path you want to use. Defaults to /home/<username>
   sudo: ALL=(ALL) ALL  # Defaults to none. Set to the sudo string you want to use
 
ssh_pwauth: True        # Defaults to False. Set to True if you want to enable password authentication for sshd.
 
write_files:
# System Configuration
- path: /etc/cloud/cloud.cfg.d/sys-cfg.yaml
  content: |
    network:            # Network configuration
      version: 1        # Network config version 1
      config:
      - type: physical  # Represents a “physical” network device, typically Ethernet-based.
        name: eth0      # The network device name
        subnets:        # Multiple subnet entries can be defined under this portion.{}
        - type: static  # Specify the subnet type. set to 'static' to configure this interface with a static IPv4.
          address: 10.0.0.40   # ESC's Static IP Address
          netmask: 255.255.255.128  # Netmask
          dns_nameservers: ['10.0.0.1']
          routes:
          - gateway: 10.0.0.1 # Default Gateway
            network: 0.0.0.0
            netmask: 0.0.0.0
      - type: physical  # Represents a “physical” network device, typically Ethernet-based.
        name: eth1      # The network device name
        subnets:        # Multiple subnet entries can be defined under this portion.{}
        - type: static  # Specify the subnet type. set to 'static' to configure this interface with a static IPv4.
          address: 192.168.0.40   # ESC's Static IP Address
          netmask: 255.255.255.128  # Netmask
          dns_nameservers: []
          routes:
          - gateway: 192.168.0.1 # Default Gateway
            network: 192.168.0.0
            netmask: 255.255.255.128
# ESC Configuration
- path: /opt/cisco/esc/esc-config/esc-cfg.yaml
  content: |
    confd:
      init_aaa_users:
      - name: admin
        passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
      escmanager:
        open_ports:
        - '8080'
        - '8443'
        url:
        - http://0.0.0.0:8080/ESCManager
        - https://0.0.0.0:8443/ESCManager
    esc_service: {}
# Networking
- path: /opt/cisco/esc/esc-config/esc-config.xml
  content: |
    <?xml version="1.0" ?>
    <esc>
        <esc-cloud>
            <network gateway="10.0.0.1" hostname="VAR_LOCAL_HOSTNAME" ipv6_autoconf="no" networking="yes" networking_ipv6="yes" nozeroconf="yes">
                <interface bootproto="none" device="eth1" ipaddr="192.168.0.40" ipv4_failure_fatal="yes" ipv6init="no" name="System_eth1" netmask="255.255.255.128" nm_controlled="no" onboot="yes" type="Ethernet"/>
                <resolv/>
            </network>
            <http_rest enabled="true"/>
            <auth enabled="false"/>
            <https_rest enabled="false"/>
        </esc-cloud>
        <esc-service>
            <service-init/>
        </esc-service>
    </esc>
# Params
- path: /opt/cisco/esc/esc-config/esc_params.conf
  content: |
    default.enable_cascade_deletion=true
bootcmd:
- [ cloud-init-per, once, disable_ipv6_eth0, sh, -c, "echo net.ipv6.conf.eth0.disable_ipv6 = 1 >> /etc/sysctl.conf"]
# Update the ESC-HOST value with your own hostname
- [ cloud-init-per, once, update_host_name, sh, -c, "echo ESC-HOST >> /etc/hostname && hostnamectl set-hostname ESC-HOST"]
- [ cloud-init-per, once, update_hosts, sh, -c, "echo 127.0.0.1 ESC-HOST >> /etc/hosts"]
runcmd:
- [ cloud-init-per, once, confd_keygen_root, sh, -c, "/usr/bin/escadm confd keygen --user root"]
- [ cloud-init-per, once, confd_keygen_admin, sh, -c, "/usr/bin/escadm confd keygen --user admin"]
- [ cloud-init-per, once, esc_service_start, sh, -c, "chkconfig esc_service on && service esc_service start"] # You must include this line

Creating ESC passwords to use in Day0 Files

When using the Cloud-Init day0 file to deploy an ESC instance, the passwords must be passed in as a hash, and not a plain text.

To create a hashed password, use the mkpasswd tool. The following example shows how to use the mkpasswd tool to create a hashed password. 

~$ mkpasswd --method=SHA-512 --rounds=4096
Password:
$6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1

Procedure

Step 1

Upload user-data file to CSP

To deploy ESC, the user-data file must be first uploaded to the CSP node.

Note 

The path to upload images and day0 files is: /osp/repository

 
scp user-data-esc admin@<CSP_IP_ADDRESS>:/osp/repository
Step 2

Deploying ESC VM

You must edit configuration to be sent to the CSP node hosting the ESC VM.

Following is the deployment datamodel for single interface. For dual interface, you have two interfaces.<name>ESC-SA-2-IF</name>

<?xml version="1.0"?>
<services xmlns="http://www.cisco.com/ns/test/service">
  <service>
    <name>ESC-SA-1-IF</name>
    <memory>2048</memory>
    <numcpu>1</numcpu>
    <disk_size>8.0</disk_size>
    <disk-resize>true</disk-resize>
    <iso_name>ESC-4_4_0_xxx.qcow2</iso_name>
    <power>on</power>
    <ip>10.0.0.40</ip>
    <!-- add the ip for display in the CSP web/console interfaces -->
    <vnc_password>CSP_ADMIN_PASSWORD</vnc_password>
    <!-- to secure the VNC console session -->
    <vnics>
      <vnic>
        <nic>0</nic>
        <vlan>12</vlan>
        <tagged>false</tagged>
        <type>access</type>
        <passthrough_mode>none</passthrough_mode>
        <model>virtio</model>
        <network_name>enp11s0f0</network_name>
      </vnic>
    </vnics>
    <disk_type>ide</disk_type>
    <day0_filename>user-data-esc</day0_filename>
    <day0-dest-filename>user-data</day0-dest-filename>
    <day0-volume-id>cidata</day0-volume-id>
  </service>
</services>
Step 3

Sending Configuration

Use a netconf-console (shipped with ConfD) to deploy ESC on a CSP node.

$ netconf-console --port=2022 --host=<CSP_IP_ADDRESS> --user=CSP_ADMIN_USERNAME --password=CSP_ADMIN_PASSWORD --edit-config=deployESCHA1.xml
Step 4

Configuring the VIM Connector

After ESC has booted, configure the VIM Connectors.

When installing ESC in CSP, no VIM connectors are added by default. To manage VNFs, you must create the VIM connector.
Step 5

Adding the VIM Connectors

For more information on configuring VIM connectors after installation, and managing VIM connectors, see Managing VIM Connectors in the Cisco Elastic Services Controller User Guide.

ESC HA Installation

To install ESC in CSP, you must create the user-data in the following format as the day0 configuration file. For HA, you must define one file for each VM.

For creating ESC passwords to use in Day0 Files, see the Creating ESC passwords to use in Day0 Files section.

A sample for ESC HA installation on ode 1 describing the day zero file as config drive and user data is as follows:

user-data sample - HA Node 1
#cloud-config
users:
 - name: admin
   gecos: admin
   groups: esc-user
   passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
   lock-passwd: false
   homedir: /home/admin
   sudo: ALL=(ALL) ALL
 
ssh_pwauth: True
 
write_files:
# System Configuration
- path: /etc/cloud/cloud.cfg.d/sys-cfg.yaml
  content: |
    network:            # Network configuration
      version: 1        # Network config version 1
      config:
      - type: physical  # Represents a “physical” network device, typically Ethernet-based.
        name: eth0      # The network device name
        subnets:        # Multiple subnet entries can be defined under this portion.{}
        - type: static  # Specify the subnet type. set to 'static' to configure this interface with a static IPv4.
          address: 10.0.0.40   # ESC's Static IP Address
          netmask: 255.255.255.128  # Netmask
          dns_nameservers: ['10.0.0.1']
          routes:
          - gateway: 10.0.0.1 # Default Gateway
            network: 0.0.0.0
            netmask: 0.0.0.0
      - type: physical  # Represents a “physical” network device, typically Ethernet-based.
        name: eth1      # The network device name
        subnets:        # Multiple subnet entries can be defined under this portion.{}
        - type: static  # Specify the subnet type. set to 'static' to configure this interface with a static IPv4.
          address: 192.168.0.40   # ESC's Static IP Address
          netmask: 255.255.255.128  # Netmask
          routes:
          - gateway: 192.168.0.1 # Default Gateway
            network: 192.168.0.0
            netmask: 255.255.255.128
# ESC Configuration
- path: /opt/cisco/esc/esc-config/esc-cfg.yaml
  content: |
    ha:
      vri: 9 # this number is ranged from 1 ~ 254. You can randomly choose one but make sure it won't conflict with other VRRP ID in the same subnet
      mode: drbd             # Only 'drbd' is supported now.
      vip: 10.0.0.42  # The VIP for ESC HA
      vif: eth0
      nodes:
      - ipaddr: 10.0.0.40  # ESC HA's own IP Address
      - ipaddr: 10.0.0.41 # The peer ID Address of ESC HA
    confd:
      init_aaa_users:
      - name: admin
        passwd: $6$rounds=4096$Yo11pRsFO$iT5SGMJ6z8WEnmj8TKMdInblgWeb/UChmrsQs3aspx8j.yUuuhxKk2XScOkerWWxpqD5F0sLfC5kzT5t2xGkL1
    esc_service: {}
# Params
- path: /opt/cisco/esc/esc-config/esc_params.conf
  content: |
    default.enable_cascade_deletion=true
bootcmd:
- [ cloud-init-per, once, disable_ipv6_eth0, sh, -c, "echo net.ipv6.conf.eth0.disable_ipv6 = 1 >> /etc/sysctl.conf"]
# Update the ESC-HA-1 value with your own hostname
- [ cloud-init-per, once, update_host_name, sh, -c, "echo ESC-HA-1 >> /etc/hostname && hostnamectl set-hostname ESC-HA-1"]
- [ cloud-init-per, once, update_hosts, sh, -c, "echo 127.0.0.1 ESC-HA-1 >> /etc/hosts"]
runcmd:
- [ cloud-init-per, once, confd_keygen_root, sh, -c, "/usr/bin/escadm confd keygen --user root"]
- [ cloud-init-per, once, confd_keygen_admin, sh, -c, "/usr/bin/escadm confd keygen --user admin"]
- [ cloud-init-per, once, esc_service_start, sh, -c, "chkconfig esc_service on && service esc_service start"] # You must include this line

Procedure

Step 1

Uploading user-data file to CSP

To deploy ESC, the user-data file must be first uploaded to the CSP node.

Note 

The path to upload images and day0 files is: /osp/repository

 
scp user-data-esc-ha-1 CSP_ADMIN_USERNAME@<CSP_IP_ADDRESS>:/osp/repository

scp user-data-esc-ha-2 CSP_ADMIN_USERNAME@<CSP_IP_ADDRESS>:/osp/repository
Step 2

Deploying ESC VM

You must edit configuration to be sent to the CSP node hosting the ESC VM.

Following is the deployment datamodel for ESC HA on node 1 :

deployESC-HA-1.xml
<?xml version="1.0"?>
<services xmlns="http://www.cisco.com/ns/test/service">
  <service>
    <name>ESC-HA-1</name>
    <memory>2048</memory>
    <numcpu>1</numcpu>
    <disk_size>8.0</disk_size>
    <disk-resize>true</disk-resize>
    <iso_name>ESC-4_4_0_xxx.qcow2</iso_name>
    <power>on</power>
    <ip>10.0.0.40</ip>
    <!-- add the ip for display in the CSP web/console interfaces -->
    <vnc_password>VNC_PASSWORD</vnc_password>
    <!-- to secure the VNC console session -->
    <vnics>
      <vnic>
        <nic>0</nic>
        <vlan>1</vlan>
        <tagged>false</tagged>
        <type>access</type>
        <passthrough_mode>none</passthrough_mode>
        <model>virtio</model>
        <network_name>enp11s0f0</network_name>
      </vnic>
      <vnic>
        <nic>1</nic>
        <vlan>1</vlan>
        <tagged>false</tagged>
        <type>access</type>
        <passthrough_mode>none</passthrough_mode>
        <model>virtio</model>
        <network_name>enp11s0f1</network_name>
      </vnic>
    </vnics>
    <disk_type>ide</disk_type>
    <day0_filename>user-data-esc</day0_filename>
    <day0-dest-filename>user-data</day0-dest-filename> <!-- 'user-data' must always be used for the day0-dest-filename. -->
    <day0-volume-id>cidata</day0-volume-id>
  </service>
</services>
Following is the deployment datamodel for ESC in HA on node 2 :
deployESC-HA-2.xml
<?xml version="1.0"?>
<services xmlns="http://www.cisco.com/ns/test/service">
  <service>
    <name>ESC-HA-2</name>
    <memory>2048</memory>
    <numcpu>1</numcpu>
    <disk_size>8.0</disk_size>
    <disk-resize>true</disk-resize>
    <iso_name>ESC-4_4_0_xxx.qcow2</iso_name>
    <power>on</power>
    <ip>10.0.0.41</ip>
    <!-- add the ip for display in the CSP web/console interfaces -->
    <vnc_password>VNC_PASSWORD</vnc_password>
    <!-- to secure the VNC console session -->
    <vnics>
      <vnic>
        <nic>0</nic>
        <vlan>1</vlan>
        <tagged>false</tagged>
        <type>access</type>
        <passthrough_mode>none</passthrough_mode>
        <model>virtio</model>
        <network_name>enp11s0f0</network_name>
      </vnic>
      <vnic>
        <nic>1</nic>
        <vlan>1</vlan>
        <tagged>false</tagged>
        <type>access</type>
        <passthrough_mode>none</passthrough_mode>
        <model>virtio</model>
        <network_name>enp11s0f1</network_name>
      </vnic>
    </vnics>
    <disk_type>ide</disk_type>
    <day0_filename>user-data-esc</day0_filename>
    <day0-dest-filename>user-data</day0-dest-filename> <!-- 'user-data' must always be used for the day0-dest-filename. -->
    <day0-volume-id>cidata</day0-volume-id>
  </service>
</services>
Step 3

Sending Configuration

Use a netconf-console (shipped with ConfD) to deploy ESC on a CSP node.

$ netconf-console --port=2022 --host=<CSP_IP_ADDRESS> --user=<CSP_ADMIN_USERNAME> --password=<CSP_ADMIN_PASSWORD> --edit-config=deployESC-HA-1.xml

$ netconf-console --port=2022 --host=<CSP_IP_ADDRESS> --user=<CSP_ADMIN_USERNAME> --password=<CSP_ADMIN_PASSWORD> --edit-config=deployESC-HA-2.xml
Step 4

Configuring the VIM Connector

After ESC has booted, configure the VIM Connectors.

When installing ESC in CSP, no VIM connectors are added by default. To manage VNFs, you must create the VIM connector.
Step 5

Adding the VIM Connectors

For more information on configuring VIM connectors after installation, and managing VIM connectors, see Managing VIM Connectors in the Cisco Elastic Services Controller User Guide.