Contents

CNS Configuration Agent

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information About CNS Configuration Agent

Cisco Networking Services Configuration Agent

The Cisco Networking Services configuration agent is involved in the initial configuration and subsequent partial configurations on a Cisco device. To activate the Cisco Networking Services configuration agent, enter any of the cns config CLI commands.

Initial Cisco Networking Services Configuration

When a routing device first comes up, it connects to the configuration server component of the Cisco Networking Services configuration agent by establishing a TCP connection through the use of the cns config initialcommand, a standard CLI command. The device issues a request and identifies itself by providing a unique configuration ID to the configuration server.

When the Cisco Networking Services web server receives a request for a configuration file, it invokes the Java servlet and executes the corresponding embedded code. The embedded code directs the Cisco Networking Services web server to access the directory server and file system to read the configuration reference for this device (configuration ID) and template. The Configuration Agent prepares an instantiated configuration file by substituting all the parameter values specified in the template with valid values for this device. The configuration server forwards the configuration file to the Cisco Networking Services web server for transmission to the routing device.

The Cisco Networking Services configuration agent accepts the configuration file from the Cisco Networking Services web server, performs XML parsing, checks syntax (optional), and loads the configuration file. The routing device reports the status of the configuration load as an event to which a network monitoring or workflow application can subscribe.

For more details on using the Cisco Cisco Networking Services configuration engine to automatically install the initial Cisco Networking Services configuration, see the Cisco Networking Services Configuration Engine Administrator’s Guide at http:/​/​www.cisco.com/​univercd/​cc/​td/​doc/​product/​rtrmgmt/​cns/​ce/​rel13/​ag13/​index.htm .

Incremental Cisco Networking Services Configuration

Once the network is up and running, new services can be added using the Cisco Networking Services configuration agent. Incremental (partial) configurations can be sent to routing devices. The actual configuration can be sent as an event payload by way of the event gateway (push operation) or as a signal event that triggers the device to initiate a pull operation.

The routing device can check the syntax of the configuration before applying it. If the syntax is correct, the routing device applies the incremental configuration and publishes an event that signals success to the configuration server. If the device fails to apply the incremental configuration, it publishes an event that indicates an error.

Once the routing device has applied the incremental configuration, it can write the configuration to NVRAM or wait until signaled to do so.

Synchronized Configuration

When a routing device receives a configuration, the device has the option to defer application of the configuration upon receipt of a write-signal event. The Cisco Networking Services Configuration Agent feature allows the device configuration to be synchronized with other dependent network activities.

How to Configure CNS Configuration Agent

Configuring the Cisco Networking Services Event and EXEC Agents

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    cns config partial {host-name | ip-address} [encrypt] [port-number] [source interface name] [inventory]

    4.    logging cns-events [severity-level]

    5.    cns exec [encrypt] [port-number] [source {ip-address | interface-type-number}]

    6.    cns event {hostname | ip-address} [encrypt] [port-number] [backup] [failover-time seconds] [keepalive seconds retry-count] [source ip-address | interface-name][clock-timeout time] [reconnect-time time]

    7.    exit


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
    
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
    
     

    Enters global configuration mode.

     
    Step 3 cns config partial {host-name | ip-address} [encrypt] [port-number] [source interface name] [inventory]


    Example:
    Device(config)# cns config partial 172.28.129.22 80
    
     

    (Optional) Starts the Cisco Networking Services configuration agent, which provides Cisco Networking Services configuration services to Cisco clients, and initiates an incremental (partial) configuration.

    • Use the optional port-number argument to specify the port number for the configuration server. The default is 80.

    • Use the optional source keyword and ip-address argument to specify the use of an IP address as the source for Cisco Networking Services configuration agent communications.

    • Use the optional inventory keyword to send an inventory of the linecards and modules in the device to the Cisco Networking Services configuration engine as part of the HTTP request.

    Note   

    The optional encrypt keyword is available only in images that support SSL.

     
    Step 4 logging cns-events [severity-level]


    Example:
    Device(config)# logging cns-events 2
    
     

    (Optional) Enables XML-formatted system event message logging to be sent through the Cisco Networking Services event bus.

    • Use the optional severity-level argument to specify the number or name of the desired severity level at which messages should be logged. The default is level 7 (debugging).

     
    Step 5 cns exec [encrypt] [port-number] [source {ip-address | interface-type-number}]


    Example:
    Device(config)# cns exec source 172.17.2.2
    
     

    (Optional) Enables and configures the Cisco Networking Services EXEC agent, which provides Cisco Networking Services EXEC services to Cisco clients.

    • Use the optional port-number argument to specify the port number for the EXEC server. The default is 80.

    • Use the optional source keyword and ip-address/interface-type number argument to specify the use of an IP address as the source for Cisco Networking Services EXEC agent communications.

    Note   

    The optional encrypt keyword is available only in images that support SSL.

     
    Step 6 cns event {hostname | ip-address} [encrypt] [port-number] [backup] [failover-time seconds] [keepalive seconds retry-count] [source ip-address | interface-name][clock-timeout time] [reconnect-time time]


    Example:
    Device(config)# cns event 172.28.129.22 source 172.22.2.1
    
     

    Configures the Cisco Networking Services event gateway, which provides Cisco Networking Services event services to Cisco clients.

    • The optional encrypt keyword is available only in images that support SSL.

    • Use the optional port-number argument to specify the port number for the event server. The default is 11011 with no encryption and 11012 with encryption.

    • Use the optional backup keyword to indicate that this is the backup gateway. Before configuring a backup gateway, ensure that a primary gateway is configured.

    • Use the optional failover-time keyword and seconds argument to specify a time interval in seconds to wait for the primary gateway route after the route to the backup gateway is established.

    • Use the optional keepalive keyword with the seconds and retry-count arguments to specify the keepalive timeout in seconds and the retry count.

    • Use the optional source keyword and ip-address/interface-name argument to specify the use of an IP address as the source for Cisco Networking Services event agent communications.

    • Use the optional clock-timeout keyword to specify the maximum time, in minutes, that the Cisco Networking Services event agent will wait for the clock to be set for transports (such as SSL) that require an accurate clock.

    • Use the optional reconnect-time keyword to specify the configurable upper limit of the maximum retry timeout.

    Note   

    Until the cns event command is entered, no transport connections to the Cisco Networking Services event bus are made and therefore no other Cisco Networking Services agents are operational.

     
    Step 7 exit


    Example:
    Device(config)# exit
    
     

    Exits global configuration mode and returns to privileged EXEC mode.

     

    Troubleshooting Tips

    • Use the show cns event connections command to check that the Cisco Networking Services event agent is connected to the Cisco Networking Services event gateway.

    • Use the show cns event subject command to check that the image agent subject names are registered. Subject names for the Cisco Networking Services image agent begin with cisco.mgmt.cns.image.

    Configuration Examples for CNS Configuration Agent

    Example: Enabling and Configuring Cisco Networking Services Agents

    The following example shows various Cisco Networking Services agents being enabled and configured starting with the configuration agent being enabled with the cns config partial command to configure an incremental (partial) configuration on a remote device. The Cisco Networking Services configuration engine IP address is 172.28.129.22, and the port number is 80. The Cisco Networking Services exec agent is enabled with an IP address of 172.28.129.23, and the Cisco Networking Services event agent is enabled with an IP address of 172.28.129.24. Until the Cisco Networking Services event agent is enabled, no other Cisco Networking Services agents are operational.

     cns config partial 172.28.129.22 80
     cns exec 172.28.129.23 source 172.22.2.2
     cns event 172.28.129.24 source 172.22.2.1
     exit
    

    In the following example, the Cisco Networking Services image agent parameters are configured using the CLI. An image ID is specified to use the IP address of the GigabitEthernet interface 0/1/1, a password is configured for the Cisco Networking Services image agent services, the Cisco Networking Services image upgrade retry interval is set to four minutes, and image management and status servers are configured.

    cns id GigabitEthernet0/1/1 ipaddress image
    cns image retry 240
    cns image password abctext
    cns image server https://10.21.2.3/cns/imgsvr status https://10.21.2.3/cns/status/
    

    In the following example, the Cisco Networking Services image agent is configured to use the Cisco Networking Services Event Bus. An image ID is specified as the hardware serial number of the networking device, the Cisco Networking Services event agent is enabled with a number of parameters, and the Cisco Networking Services image agent is enabled without any keywords or options. The Cisco Networking Services image agent will listen for events on the Cisco Networking Services Event Bus.

    cns id hardware-serial image
    cns event 10.21.9.7 11011 keepalive 240 120 failover-time 5
    cns image
    cns image password abctext
    

    Example: Retrieving a Cisco Networking Services Image from a Server

    In the following example, the Cisco Networking Services image agent polls a file server using the cns image retrieve command. Assuming that the Cisco Networking Services image agent is already enabled, the file server and status server paths specified here will overwrite any existing image agent server and status configuration. The new file server will be polled and a new image, if it exists, will be downloaded to the networking device.

     cns image retrieve server https://10.19.2.3/cns/ status https://10.19.2.3/cnsstatus/
    

    Additional References

    Related Documents

    Related Topic

    Document Title

    Cisco IOS commands

    Cisco IOS Master Commands List, All Releases

    Cisco Networking Services commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples.

    Cisco IOS Cisco Networking Services Command Reference

    Cisco Networking Services Configuration Engine

    Cisco CNS Configuration Engine Administrator Guide, 1.3

    Standards and RFCs

    Standard/RFC

    Title

    No new or modified standards/RFCs are supported by this feature, and support for existing standards/RFCs has not been modified by this feature.

    --

    MIBs

    MIB

    MIBs Link

    No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

    To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

    http:/​/​www.cisco.com/​go/​mibs

    Technical Assistance

    Description

    Link

    The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

    Feature Information for CNS Configuration Agent

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.
    Table 1 Feature Information for CNS Configuration Agent

    Feature Name

    Releases

    Feature Information

    CNS Configuration Agent

    Cisco IOS XE Release 2.1

    12.0(18)ST

    12.0(22)S

    12.2(2)T

    12.2(8)T

    12.2(33)SRA

    12.2(33)SB

    12.2(33)SXI

    The Cisco Networking Services Configuration Agent feature supports routing devices by providing the following:

    • Initial configurations

    • Incremental (partial) configurations

    • Synchronized configuration updates

    The following commands were introduced or modified by this feature: cns config cancel, cns config initial , cns config partial , cns config retrieve ,cns password, debug cns config, debug cns xml-parser , show cns config outstanding ,show cns config stats, show cns config status .


    CNS Configuration Agent

    CNS Configuration Agent

    Finding Feature Information

    Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

    Information About CNS Configuration Agent

    Cisco Networking Services Configuration Agent

    The Cisco Networking Services configuration agent is involved in the initial configuration and subsequent partial configurations on a Cisco device. To activate the Cisco Networking Services configuration agent, enter any of the cns config CLI commands.

    Initial Cisco Networking Services Configuration

    When a routing device first comes up, it connects to the configuration server component of the Cisco Networking Services configuration agent by establishing a TCP connection through the use of the cns config initialcommand, a standard CLI command. The device issues a request and identifies itself by providing a unique configuration ID to the configuration server.

    When the Cisco Networking Services web server receives a request for a configuration file, it invokes the Java servlet and executes the corresponding embedded code. The embedded code directs the Cisco Networking Services web server to access the directory server and file system to read the configuration reference for this device (configuration ID) and template. The Configuration Agent prepares an instantiated configuration file by substituting all the parameter values specified in the template with valid values for this device. The configuration server forwards the configuration file to the Cisco Networking Services web server for transmission to the routing device.

    The Cisco Networking Services configuration agent accepts the configuration file from the Cisco Networking Services web server, performs XML parsing, checks syntax (optional), and loads the configuration file. The routing device reports the status of the configuration load as an event to which a network monitoring or workflow application can subscribe.

    For more details on using the Cisco Cisco Networking Services configuration engine to automatically install the initial Cisco Networking Services configuration, see the Cisco Networking Services Configuration Engine Administrator’s Guide at http:/​/​www.cisco.com/​univercd/​cc/​td/​doc/​product/​rtrmgmt/​cns/​ce/​rel13/​ag13/​index.htm .

    Incremental Cisco Networking Services Configuration

    Once the network is up and running, new services can be added using the Cisco Networking Services configuration agent. Incremental (partial) configurations can be sent to routing devices. The actual configuration can be sent as an event payload by way of the event gateway (push operation) or as a signal event that triggers the device to initiate a pull operation.

    The routing device can check the syntax of the configuration before applying it. If the syntax is correct, the routing device applies the incremental configuration and publishes an event that signals success to the configuration server. If the device fails to apply the incremental configuration, it publishes an event that indicates an error.

    Once the routing device has applied the incremental configuration, it can write the configuration to NVRAM or wait until signaled to do so.

    Synchronized Configuration

    When a routing device receives a configuration, the device has the option to defer application of the configuration upon receipt of a write-signal event. The Cisco Networking Services Configuration Agent feature allows the device configuration to be synchronized with other dependent network activities.

    How to Configure CNS Configuration Agent

    Configuring the Cisco Networking Services Event and EXEC Agents

    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    cns config partial {host-name | ip-address} [encrypt] [port-number] [source interface name] [inventory]

      4.    logging cns-events [severity-level]

      5.    cns exec [encrypt] [port-number] [source {ip-address | interface-type-number}]

      6.    cns event {hostname | ip-address} [encrypt] [port-number] [backup] [failover-time seconds] [keepalive seconds retry-count] [source ip-address | interface-name][clock-timeout time] [reconnect-time time]

      7.    exit


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Device> enable
      
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.

       
      Step 2 configure terminal


      Example:
      Device# configure terminal
      
       

      Enters global configuration mode.

       
      Step 3 cns config partial {host-name | ip-address} [encrypt] [port-number] [source interface name] [inventory]


      Example:
      Device(config)# cns config partial 172.28.129.22 80
      
       

      (Optional) Starts the Cisco Networking Services configuration agent, which provides Cisco Networking Services configuration services to Cisco clients, and initiates an incremental (partial) configuration.

      • Use the optional port-number argument to specify the port number for the configuration server. The default is 80.

      • Use the optional source keyword and ip-address argument to specify the use of an IP address as the source for Cisco Networking Services configuration agent communications.

      • Use the optional inventory keyword to send an inventory of the linecards and modules in the device to the Cisco Networking Services configuration engine as part of the HTTP request.

      Note   

      The optional encrypt keyword is available only in images that support SSL.

       
      Step 4 logging cns-events [severity-level]


      Example:
      Device(config)# logging cns-events 2
      
       

      (Optional) Enables XML-formatted system event message logging to be sent through the Cisco Networking Services event bus.

      • Use the optional severity-level argument to specify the number or name of the desired severity level at which messages should be logged. The default is level 7 (debugging).

       
      Step 5 cns exec [encrypt] [port-number] [source {ip-address | interface-type-number}]


      Example:
      Device(config)# cns exec source 172.17.2.2
      
       

      (Optional) Enables and configures the Cisco Networking Services EXEC agent, which provides Cisco Networking Services EXEC services to Cisco clients.

      • Use the optional port-number argument to specify the port number for the EXEC server. The default is 80.

      • Use the optional source keyword and ip-address/interface-type number argument to specify the use of an IP address as the source for Cisco Networking Services EXEC agent communications.

      Note   

      The optional encrypt keyword is available only in images that support SSL.

       
      Step 6 cns event {hostname | ip-address} [encrypt] [port-number] [backup] [failover-time seconds] [keepalive seconds retry-count] [source ip-address | interface-name][clock-timeout time] [reconnect-time time]


      Example:
      Device(config)# cns event 172.28.129.22 source 172.22.2.1
      
       

      Configures the Cisco Networking Services event gateway, which provides Cisco Networking Services event services to Cisco clients.

      • The optional encrypt keyword is available only in images that support SSL.

      • Use the optional port-number argument to specify the port number for the event server. The default is 11011 with no encryption and 11012 with encryption.

      • Use the optional backup keyword to indicate that this is the backup gateway. Before configuring a backup gateway, ensure that a primary gateway is configured.

      • Use the optional failover-time keyword and seconds argument to specify a time interval in seconds to wait for the primary gateway route after the route to the backup gateway is established.

      • Use the optional keepalive keyword with the seconds and retry-count arguments to specify the keepalive timeout in seconds and the retry count.

      • Use the optional source keyword and ip-address/interface-name argument to specify the use of an IP address as the source for Cisco Networking Services event agent communications.

      • Use the optional clock-timeout keyword to specify the maximum time, in minutes, that the Cisco Networking Services event agent will wait for the clock to be set for transports (such as SSL) that require an accurate clock.

      • Use the optional reconnect-time keyword to specify the configurable upper limit of the maximum retry timeout.

      Note   

      Until the cns event command is entered, no transport connections to the Cisco Networking Services event bus are made and therefore no other Cisco Networking Services agents are operational.

       
      Step 7 exit


      Example:
      Device(config)# exit
      
       

      Exits global configuration mode and returns to privileged EXEC mode.

       

      Troubleshooting Tips

      • Use the show cns event connections command to check that the Cisco Networking Services event agent is connected to the Cisco Networking Services event gateway.

      • Use the show cns event subject command to check that the image agent subject names are registered. Subject names for the Cisco Networking Services image agent begin with cisco.mgmt.cns.image.

      Configuration Examples for CNS Configuration Agent

      Example: Enabling and Configuring Cisco Networking Services Agents

      The following example shows various Cisco Networking Services agents being enabled and configured starting with the configuration agent being enabled with the cns config partial command to configure an incremental (partial) configuration on a remote device. The Cisco Networking Services configuration engine IP address is 172.28.129.22, and the port number is 80. The Cisco Networking Services exec agent is enabled with an IP address of 172.28.129.23, and the Cisco Networking Services event agent is enabled with an IP address of 172.28.129.24. Until the Cisco Networking Services event agent is enabled, no other Cisco Networking Services agents are operational.

       cns config partial 172.28.129.22 80
       cns exec 172.28.129.23 source 172.22.2.2
       cns event 172.28.129.24 source 172.22.2.1
       exit
      

      In the following example, the Cisco Networking Services image agent parameters are configured using the CLI. An image ID is specified to use the IP address of the GigabitEthernet interface 0/1/1, a password is configured for the Cisco Networking Services image agent services, the Cisco Networking Services image upgrade retry interval is set to four minutes, and image management and status servers are configured.

      cns id GigabitEthernet0/1/1 ipaddress image
      cns image retry 240
      cns image password abctext
      cns image server https://10.21.2.3/cns/imgsvr status https://10.21.2.3/cns/status/
      

      In the following example, the Cisco Networking Services image agent is configured to use the Cisco Networking Services Event Bus. An image ID is specified as the hardware serial number of the networking device, the Cisco Networking Services event agent is enabled with a number of parameters, and the Cisco Networking Services image agent is enabled without any keywords or options. The Cisco Networking Services image agent will listen for events on the Cisco Networking Services Event Bus.

      cns id hardware-serial image
      cns event 10.21.9.7 11011 keepalive 240 120 failover-time 5
      cns image
      cns image password abctext
      

      Example: Retrieving a Cisco Networking Services Image from a Server

      In the following example, the Cisco Networking Services image agent polls a file server using the cns image retrieve command. Assuming that the Cisco Networking Services image agent is already enabled, the file server and status server paths specified here will overwrite any existing image agent server and status configuration. The new file server will be polled and a new image, if it exists, will be downloaded to the networking device.

       cns image retrieve server https://10.19.2.3/cns/ status https://10.19.2.3/cnsstatus/
      

      Additional References

      Related Documents

      Related Topic

      Document Title

      Cisco IOS commands

      Cisco IOS Master Commands List, All Releases

      Cisco Networking Services commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples.

      Cisco IOS Cisco Networking Services Command Reference

      Cisco Networking Services Configuration Engine

      Cisco CNS Configuration Engine Administrator Guide, 1.3

      Standards and RFCs

      Standard/RFC

      Title

      No new or modified standards/RFCs are supported by this feature, and support for existing standards/RFCs has not been modified by this feature.

      --

      MIBs

      MIB

      MIBs Link

      No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

      To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

      http:/​/​www.cisco.com/​go/​mibs

      Technical Assistance

      Description

      Link

      The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

      http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

      Feature Information for CNS Configuration Agent

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.
      Table 1 Feature Information for CNS Configuration Agent

      Feature Name

      Releases

      Feature Information

      CNS Configuration Agent

      Cisco IOS XE Release 2.1

      12.0(18)ST

      12.0(22)S

      12.2(2)T

      12.2(8)T

      12.2(33)SRA

      12.2(33)SB

      12.2(33)SXI

      The Cisco Networking Services Configuration Agent feature supports routing devices by providing the following:

      • Initial configurations

      • Incremental (partial) configurations

      • Synchronized configuration updates

      The following commands were introduced or modified by this feature: cns config cancel, cns config initial , cns config partial , cns config retrieve ,cns password, debug cns config, debug cns xml-parser , show cns config outstanding ,show cns config stats, show cns config status .