Introduction
This document describes the procedure to install a Cisco Policy Suite (CPS) All in One (AIO) solution on a VMware Workstation Player.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
- Computer that runs Microsoft Windows. The procedure can also be applied, with small variations, to Mac OS.
- VMware Workstation or VMware Workstation Player software (VMware Fusion for Mac OS)
- At least 4GB RAM (preferably 8GB) available on the host machine
- Four available CPU cores.
- Two virtual network interfaces (it is ok to use the Network Address Translation (NAT) and Host-Only virtual networks)
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Background Information
Such a deployment can be useful to get familiar with the solution itself, for training purposes or as a lab for pre-production feature testing.
The procedure applies to CPS version 10.1.0, but can be adapted for other versions as well. Check the official documentation for specific instructions.
Procedure
Step 1. Download CPS software from cisco.com, namely CPS_10.1.0.release.iso and CPS_10.1.0_Base.release.tar.gz files.
Step 2. Extract CPS_10.1.0_Base.release.tar.gz. Inside you must find a base.vmdk file (VM disk image). This is used in a later step as the hard drive for the Virtual Machine (VM).
Step 3. Create a new VM of CentOS 64-bit type. Choose a very small Hard Disk Drive (HDD), which you can delete later.
Customize the hardware so that it includes two Network Interface Cards (NICs), one for internal and one for management.
This is the way to edit the VM settings:
- Add at least 4GB RAM.
- Add four CPU cores and enable the Virtualize Intel VT-x/EPT or AMD-V/RVI option.
- Insert the CPS_10.1.0.release.iso in the virtual CD-ROM.
- Remove the old HDD.
- Add the base.vmdk file extracted earlier as the HDD, as follows:
- Open the virtual machine settings editor (VM > Settings) and click Add. The Add Hardware Wizard guides you through the steps to create your virtual disk.
- Click Hard Disk, then click Next.
- Select Use an existing virtual disk, then click Next.
- Enter the path and filename for the existing disk file, or click Browse to navigate to the file.
- Click OK.
Note: The Hard Disk size is 100GB, but it actually occupies much less (it is dynamically sized).
- Close VMware Player and browse to the folder where the VM was created (it must be something like C:\Users\<username>\Documents\Virtual Machines)
- Open the .vmx file with a text editor and modify the virtualHW.version to 8 as listed here:
virtualHW.version = "8"
- Save the file and boot the VM.
Note: The message 'Probing EDD (edd=off to disable)' may be reported on the Cluster Manager VM console. You can disregard this message.
It can take around ten minutes until the CPS boots and provides the login prompt. When it is available, log in with root/cisco123.
Step 4. Configure the network settings.
Assign the eth0 interface to a LAN (alias private) by modifying /etc/sysconfig/network-scripts/ifcfg-eth0 as follows:
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
IPADDR=192.168.119.200
NETMASK=255.255.255.0
Assign eth1 interface to a different LAN (alias public) by modifying /etc/sysconfig/network-scripts/ifcfg-eth1 as follows:
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
IPADDR=172.16.1.200
NETMASK=255.255.255.0
Ensure that the IP addresses are configured in line with the IP addresses associated to virtual host adapters to which they connect in VMware Player.
For example, if the first interface is attached to the VMware Network Adapter VMnet8, which is configured as a part of the 192.168.119.0/24 network (as depicted here), then you must choose an IP address from this range.
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::44b7:6018:90d7:b716%2
IPv4 Address. . . . . . . . . . . : 192.168.119.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Restart the networking with /etc/init.d/network restart.
Now you can Secure Shell (SSH) into the machine.
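The subnet match that Step 4 asks for can be checked before networking is restarted. The script below is an added example, not part of the Cisco procedure: the function names are hypothetical, and the sample files are constructed from the eth0 and eth1 values in Step 4 and the VMnet8 address in the ipconfig output above.

```sh
#!/bin/sh
# Added example, not part of the Cisco procedure. Function names are hypothetical.

# ip_to_int A.B.C.D -> prints the address as an integer; returns 1 if malformed
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|0[0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# ifcfg_get FILE KEY -> prints the value of the last KEY=value line, quotes removed
ifcfg_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "\"' \r"
}

# same_subnet IFCFG_FILE HOST_ADAPTER_IP
# 0 = same network, 1 = different network, 2 = unparsable, 3 = address collision
same_subnet() {
    guest_ip=$(ifcfg_get "$1" IPADDR); mask=$(ifcfg_get "$1" NETMASK)
    g=$(ip_to_int "$guest_ip") && m=$(ip_to_int "$mask") && h=$(ip_to_int "$2") || {
        echo "cannot parse IPADDR/NETMASK in $1 or host address '$2'" >&2; return 2; }
    [ "$g" -ne "$h" ] || { echo "$guest_ip is the host adapter's own address" >&2; return 3; }
    [ $(( g & m )) -eq $(( h & m )) ]
}

# Constructed sample: the eth0 and eth1 values from Step 4, checked against the
# VMnet8 host adapter address 192.168.119.1 from the ipconfig output.
demo_dir=$(mktemp -d); trap 'rm -rf "$demo_dir"' EXIT
printf 'DEVICE=eth0\nIPADDR=192.168.119.200\nNETMASK=255.255.255.0\n' > "$demo_dir/ifcfg-eth0"
printf 'DEVICE=eth1\nIPADDR=172.16.1.200\nNETMASK=255.255.255.0\n' > "$demo_dir/ifcfg-eth1"
for f in "$demo_dir/ifcfg-eth0" "$demo_dir/ifcfg-eth1"; do
    if same_subnet "$f" 192.168.119.1; then
        echo "${f##*/}: on the VMnet8 network"
    else
        echo "${f##*/}: NOT on the VMnet8 network (rc=$?)"
    fi
done
```

On the VM, point same_subnet at the real files under /etc/sysconfig/network-scripts/ and pass the address of the host adapter each interface is attached to.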
Step 5. Log in to the VM as the root user using SSH and the public address (or via the VM console).
Edit/add the eth0 private IP address of the Cluster Manager in /etc/hosts.
For example:
192.168.119.200 installer
Step 6. Update the Rivest-Shamir-Adleman (RSA) public key:
cp /etc/ssh/ssh_host_rsa_key.pub /root/.ssh/id_rsa.pub
Step 7. Mount the ISO from CD/DVD:
mkdir -p /mnt/iso
mount -o loop /dev/sr0 /mnt/iso/
Note: Verify whether the install.sh command is available in /mnt/iso.
If the install.sh command is not available, perform these steps:
- Unmount the ISO:
umount /mnt/iso
- Mount the ISO from CD/DVD:
mount -o loop /dev/sr1 /mnt/iso/
Step 8. In order to install an AIO deployment where all CPS components are installed on a single VM, configure this node to be an 'aio':
echo NODE_TYPE=aio > /etc/broadhop.profile
Step 9. Run the install.sh script from the ISO directory:
cd /mnt/iso
./install.sh
When prompted for the install type, enter mobile.
Step 10. When prompted to initialize the environment, enter y.
When prompted for the type of installation, enter 1 (New Deployment).
When install.sh finishes, validate that your system configuration is correct, with respect to this server's hostname:
cat /etc/sysconfig/network
Check the value of the HOSTNAME variable. Typically this value is set to lab, but alternative hostnames can work. If you have modified this value, restart the VM.
Step 11. Run this command to reinitialize CPS.
/var/qps/install/current/scripts/upgrade/reinit.sh
Note: reinit.sh executes puppet on AIO and also checks whether it executed successfully. On the author's first trial, the SSH session disconnected. It is better to do it in the VM console directly.
Step 12. Check that the node is configured as AIO in the /etc/broadhop.profile file. If it is not configured to be AIO, then explicitly configure this node to be an aio, as in Step 8.
Step 13. Execute configuration script to apply the appropriate configurations to the system:
puppet apply -v --modulepath "/etc/puppet/modules:/etc/puppet/env_config/modules" --pluginsync /etc/puppet/manifests/init.pp --logdest /var/log/puppet.log
Step 14. Run these commands to publish configuration and restart CPS.
/var/qps/bin/control/restartall.sh
The restartall.sh script prompts for Y/N to restart the process. Enter Y to restart the process.
Step 15. Reset the password for Control Center. Run the change_passwd.sh script. As this is a fresh installation, before you run the change_passwd.sh script, run source /etc/profile.d/broadhop.sh to source the broadhop scripts in the PATH. This is applicable the first time only.
Step 16. Add a grafana user.
Add a user with view-only access:
/usr/bin/htpasswd -cs /var/broadhop/.htpasswd user1
Note: More information about grafana can be found in the official documentation.
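The -s option in the Step 16 command makes htpasswd store an unsalted SHA-1 digest, recognizable by its {SHA} prefix. The script below is an added example, not part of the Cisco procedure, that reports the hash scheme of each entry in a file such as /var/broadhop/.htpasswd; the function names are hypothetical and the sample entries are constructed placeholders, not real hashes.

```sh
#!/bin/sh
# Added example, not part of the Cisco procedure. Function names are hypothetical.

# htpasswd_scheme HASH -> prints the storage scheme implied by the hash prefix
htpasswd_scheme() {
    case $1 in
        '')                       echo empty ;;
        '{SHA}'*)                 echo sha1-unsalted ;;   # written by htpasswd -s
        '$apr1$'*)                echo apr1-md5 ;;        # salted, iterated MD5
        '$2y$'*|'$2a$'*|'$2b$'*)  echo bcrypt ;;
        *)                        echo crypt-or-plaintext ;;
    esac
}

# audit_htpasswd FILE -> prints "user scheme" for each entry.
# Returns 1 if any entry is unsalted SHA-1, crypt/plaintext or empty.
audit_htpasswd() {
    weak=0
    while IFS=: read -r user hash _rest || [ -n "$user" ]; do
        case $user in ''|'#'*) continue ;; esac
        scheme=$(htpasswd_scheme "$hash")
        echo "$user $scheme"
        case $scheme in bcrypt|apr1-md5) ;; *) weak=1 ;; esac
    done < "$1"
    return "$weak"
}

# Constructed sample file: user1 as Step 16 would create it, user2 for contrast.
sample_ht=$(mktemp); trap 'rm -f "$sample_ht"' EXIT
printf '%s\n' \
    'user1:{SHA}CONSTRUCTEDplaceholderDIGEST=' \
    'user2:$2y$05$CONSTRUCTEDplaceholderSALTandHASH' > "$sample_ht"

if audit_htpasswd "$sample_ht"; then
    echo "all entries use a salted scheme"
else
    echo "at least one entry uses an unsalted or legacy scheme"
fi
```

Because -c creates the password file and truncates an existing one, repeating the Step 16 command for a second user replaces the first entry; omit -c when adding later users.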
Verify
Use this section in order to confirm that your configuration works properly.
At this point, the Cluster Manager node is properly configured to provide All-in-One service.
Verify the status with:
/var/qps/bin/diag/diagnostics.sh
Ensure that no [FAIL] is listed there.
In order to verify all the applications, run the command:
/var/qps/bin/diag/about.sh
Among other things (like software version), you get a list of all services that run on AIO and the URLs to access them.