CliQr is now part of Cisco Learn More About Cisco

Install CCM Using Appliances (Required)                                    

  •  CCM NON-HA

    Install CCM NON-HA Using Appliance


    Proxy Settings

    If you need a proxy server to connect to the internet, be sure to configure the Proxy setting for the Tomcat service on the CCM and CCO servers.

    To connect to the Internet using a proxy server, follow this process:

    1. Modify your proxy environment to reflect your proxy settings.
    2. In the /usr/local/tomcat/bin/setenv.sh file, the CloudCenter platform requires you to add the following parameters to the existing JAVA_OPTS environment variable:

      REQUIRED – Add the following parameters to the JAVA_OPTS environment variable
      Sample /usr/local/tomcat/bin/setenv.sh with added parameters in JAVA_OPTS
    3. Additional parameters may be required if the CCM or CCO servers need to reach network resources, bypassing the proxy.

      OPTIONAL – Sample /usr/local/tomcat/bin/setenv.sh bypassing the proxy
    4. Restart the Tomcat service.

    5. Verify that the proxy settings are in effect by issuing the ps aux | grep java command.

      Output of the ps aux | grep java command

      Ensure that line -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 is present in the output.

     

     

    Configure CCM Wizard Properties

    To configure the CCM wizard properties, follow this procedure.

      1. SSH into the CCM instance as a CentOS user.
      2. Run the following command:

    1. Invoke the CCM wizard.

      CCM Wizard Path

       

      Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.

      Wizard Menu

      Field

      Description

      Mail

      The SMTP server details to send mail notifications. If you retain the default settings, the SMTP sever details are not configured.

      SMTP Host

      smtp.gmail.com

      SMTP PortDefaults to 465
      SMTP Auth

      Boolean setting

      • True = Authentication is required for the SMTP server.
      • False = Authentication is not required for the SMTP server.

      Mail_User

      The mail authentication and configuration details to send mail notifications. If you retain the default settings, the mail functionality is not be configured and emails are not sent.

      Mail User

      Your email address for the SMTP server

      Password

      The password to log into the SMTP server

      From User

      The email address (no reply) to initiate emails from the CCM server

      Display NameThe name to be displayed when you initiate emails from the CCM server
      Server_info (Required)Public DNS

      DNS (or IP address) of the CCM – Used by the CCO VM to communicate with the CCM VM.

      Monitor URL

      Monitor VM's complete URL. For example, https://<MON IP address>:8443.

      • Requires HTTPS protocol.
      • Used by the CCM VM to retrieve the health status from the Monitor VM.

      Hazelcast IP

      Private IP address of the CCM VM – Used internally by the CloudCenter platform. Required for HA Mode.

      External URL

      The CloudCenter External URL for the CCM server. Required for HA Mode.

      Config_App_Logo

      Used by the application profile templates.

      DB Password

      CCM NON-HA appliance mode derives this information automatically from the PostgreSQL database.

      CCM HA appliance mode does not have this information as the database and the CCM must both be configured to communicate with each other. As such, you must explicitly configure the application profile templates location in the database by providing the database information.

      The default DB password = cliqr

       

      Icon

      Be sure to change the default password immediately after your first login. See PostgreSQL Password for additional context.

      ESB_Info
      Required only if you installed Enterprise Service Bus (ESB), an optional component that is not installed in CloudCenter appliances by default.
      Rabbit Host

      The IP address or the hostname of the ESB AMQP server.

      Rabbit Port5671
      Management Server AddressThe IP address or the hostname of the CCM server.
      Notification Server AddressThe IP address or the hostname of the Notification server (ideally, the same as the CCM server).
      Trust Store PasswordThe trust store password for the ESB instance.
      Key Store PasswordThe key store password for the ESB instance.

      Network

       

      Hostname

      The CCM server's hostname – use the default if you are not making any changes.

      DBIP or Hostname

      DNS or IP of the database:

      • Local host: Default, does not include the flyway migrate configuration
      • Remote host, includes the flyway migrate configuration – see the last bullet in this row.
      Username

      Authenticated username for the database (either local or remote).

      Password

      Authenticated password for the database (either local or remote).

      Flyway Migrate

      Optional. Remote Host Configure the CCM to a remote database by providing the IP address of the remote database. When you provide the IP address, you see an additional screen to configure the flyway migrate process.

      • Yes: Flyway migration takes place.
      • No: Only the configuration files are updated.
      Icon

      DB configuration is required for standalone database deployments.

      ELK_InfoELK Host

      Specify the IP address for the ELK host (Monitor VM).

      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Kibana PortDisplays 8882 by default.
      ELK UserThe default ELK Username = logreader.
      ELK PasswordThe default ELK Password is re@d0nly (zero between d and n) (change this password after the initial login – see Download Log File for additional context).
      Host IdentifierA Unique ID for the server – be sure to prefix the unique identifier with CCM_ for example, CCM_1
      Host Identifier List

      Only applies to environments using the HA mode – provide a list of comma separated unique host identifiers for all ELK/Monitor hosts in a HA setup = for example, CCM_1,CCM_2,myCCM.

      Icon

      In an environment operating in HA mode, if you have two CCM instances with unique IDs configured as CCM_1,CCM_2 in their respective server.properties file, then this property should state CCM_1,CCM_2 in both CCM instances. Each CCM must be aware of the unique ID of the other CCM(s) when in HA mode.

      Config_Certs – Custom Certs MenuGenerate Certs
      • CloudCenter ID: A customer-assigned unique alphanumeric string to identify this CloudCenter deployment.
      • Company Name: The name of the company for which this certificate is being generated.
      Update CertsCerts Zip Path: Provide the path for the certs.zip file. The default path is /tmp/certs.zip.
    2. Exit the CCM configuration wizard.

    3. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully installed the CCM instance! You can now proceed to the next step:

    • If you are installing a Health Monitor component – see Health Monitor Installation (Optional)

  •  CCM NON-HA STANDALONE

    Install NON-HA-STANDALONE CCM Using Appliance


    Proxy Settings

    If you need a proxy server to connect to the internet, be sure to configure the Proxy setting for the Tomcat service on the CCM and CCO servers.

    To connect to the Internet using a proxy server, follow this process:

    1. Modify your proxy environment to reflect your proxy settings.
    2. In the /usr/local/tomcat/bin/setenv.sh file, the CloudCenter platform requires you to add the following parameters to the existing JAVA_OPTS environment variable:

      REQUIRED – Add the following parameters to the JAVA_OPTS environment variable
      Sample /usr/local/tomcat/bin/setenv.sh with added parameters in JAVA_OPTS
    3. Additional parameters may be required if the CCM or CCO servers need to reach network resources, bypassing the proxy.

      OPTIONAL – Sample /usr/local/tomcat/bin/setenv.sh bypassing the proxy
    4. Restart the Tomcat service.

    5. Verify that the proxy settings are in effect by issuing the ps aux | grep java command.

      Output of the ps aux | grep java command

      Ensure that line -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 is present in the output.

     

     

    MGMTPOSTGRES – Configure DB Access from CCM_SA

    To configure database access from the CCM_SA for MGMTPOSTGRES, follow this procedure.

      1. SSH into the CCM instance as a centos user.
      2. Run the following command:

    1. Invoke the CCM wizard and configure the CCM IP to enable database access to CCM_SA.

      CCM Wizard Path
    2. Enter the CCM_SA_IP in the CCM IP field to configure the PostgreSQL database access.
    3. Verify your changes and Exit the CCM configuration wizard.

    Configure CCM Wizard Properties

    To configure the CCM wizard properties, follow this procedure.

      1. SSH into the CCM instance as a CentOS user.
      2. Run the following command:

    1. Invoke the CCM wizard.

      CCM Wizard Path

       

      Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.

      Wizard Menu

      Field

      Description

      Mail

      The SMTP server details to send mail notifications. If you retain the default settings, the SMTP sever details are not configured.

      SMTP Host

      smtp.gmail.com

      SMTP PortDefaults to 465
      SMTP Auth

      Boolean setting

      • True = Authentication is required for the SMTP server.
      • False = Authentication is not required for the SMTP server.

      Mail_User

      The mail authentication and configuration details to send mail notifications. If you retain the default settings, the mail functionality is not be configured and emails are not sent.

      Mail User

      Your email address for the SMTP server

      Password

      The password to log into the SMTP server

      From User

      The email address (no reply) to initiate emails from the CCM server

      Display NameThe name to be displayed when you initiate emails from the CCM server
      Server_info (Required)Public DNS

      DNS (or IP address) of the CCM – Used by the CCO VM to communicate with the CCM VM.

      Monitor URL

      Monitor VM's complete URL. For example, https://<MON IP address>:8443.

      • Requires HTTPS protocol.
      • Used by the CCM VM to retrieve the health status from the Monitor VM.

      Hazelcast IP

      Private IP address of the CCM VM – Used internally by the CloudCenter platform. Required for HA Mode.

      External URL

      The CloudCenter External URL for the CCM server. Required for HA Mode.

      Config_App_Logo

      Used by the application profile templates.

      DB Password

      CCM NON-HA appliance mode derives this information automatically from the PostgreSQL database.

      CCM HA appliance mode does not have this information as the database and the CCM must both be configured to communicate with each other. As such, you must explicitly configure the application profile templates location in the database by providing the database information.

      The default DB password = cliqr

       

      Icon

      Be sure to change the default password immediately after your first login. See PostgreSQL Password for additional context.

      ESB_Info
      Required only if you installed Enterprise Service Bus (ESB), an optional component that is not installed in CloudCenter appliances by default.
      Rabbit Host

      The IP address or the hostname of the ESB AMQP server.

      Rabbit Port5671
      Management Server AddressThe IP address or the hostname of the CCM server.
      Notification Server AddressThe IP address or the hostname of the Notification server (ideally, the same as the CCM server).
      Trust Store PasswordThe trust store password for the ESB instance.
      Key Store PasswordThe key store password for the ESB instance.

      Network

       

      Hostname

      The CCM server's hostname – use the default if you are not making any changes.

      DBIP or Hostname

      DNS or IP of the database:

      • Local host: Default, does not include the flyway migrate configuration
      • Remote host, includes the flyway migrate configuration – see the last bullet in this row.
      Username

      Authenticated username for the database (either local or remote).

      Password

      Authenticated password for the database (either local or remote).

      Flyway Migrate

      Optional. Remote Host Configure the CCM to a remote database by providing the IP address of the remote database. When you provide the IP address, you see an additional screen to configure the flyway migrate process.

      • Yes: Flyway migration takes place.
      • No: Only the configuration files are updated.
      Icon

      DB configuration is required for standalone database deployments.

      ELK_InfoELK Host

      Specify the IP address for the ELK host (Monitor VM).

      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Kibana PortDisplays 8882 by default.
      ELK UserThe default ELK Username = logreader.
      ELK PasswordThe default ELK Password is re@d0nly (zero between d and n) (change this password after the initial login – see Download Log File for additional context).
      Host IdentifierA Unique ID for the server – be sure to prefix the unique identifier with CCM_ for example, CCM_1
      Host Identifier List

      Only applies to environments using the HA mode – provide a list of comma separated unique host identifiers for all ELK/Monitor hosts in a HA setup = for example, CCM_1,CCM_2,myCCM.

      Icon

      In an environment operating in HA mode, if you have two CCM instances with unique IDs configured as CCM_1,CCM_2 in their respective server.properties file, then this property should state CCM_1,CCM_2 in both CCM instances. Each CCM must be aware of the unique ID of the other CCM(s) when in HA mode.

      Config_Certs – Custom Certs MenuGenerate Certs
      • CloudCenter ID: A customer-assigned unique alphanumeric string to identify this CloudCenter deployment.
      • Company Name: The name of the company for which this certificate is being generated.
      Update CertsCerts Zip Path: Provide the path for the certs.zip file. The default path is /tmp/certs.zip.
    2. Exit the CCM configuration wizard.

    3. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully installed the CCM instance! You can now proceed to the next step:

    • If you are installing a Health Monitor component – see Health Monitor Installation (Optional)

  •  CCM HA

    Install CCM HA Using Appliance

    Icon

    To configure CCM in HA mode, you must use the following roles:

    • Database: MGMTPOSTGRES_MASTER and MGMTPOSTGRES_SLAVE (and if required, MGMTPOSTGRES_VIP)

    • CCM: CCM_SA_PRIMARY and CCM_SA_SECONDARY

      Icon

      Do not use the CCM or CCM_SA roles as those roles DO NOT allow you to configure high availability. See Virtual Appliance Overview and High Availability Best Practices for additional context.

    • Loadbalancer: CCM_LB


    Proxy Settings

    If you need a proxy server to connect to the internet, be sure to configure the Proxy setting for the Tomcat service on the CCM and CCO servers.

    To connect to the Internet using a proxy server, follow this process:

    1. Modify your proxy environment to reflect your proxy settings.
    2. In the /usr/local/tomcat/bin/setenv.sh file, the CloudCenter platform requires you to add the following parameters to the existing JAVA_OPTS environment variable:

      REQUIRED – Add the following parameters to the JAVA_OPTS environment variable
      Sample /usr/local/tomcat/bin/setenv.sh with added parameters in JAVA_OPTS
    3. Additional parameters may be required if the CCM or CCO servers need to reach network resources, bypassing the proxy.

      OPTIONAL – Sample /usr/local/tomcat/bin/setenv.sh bypassing the proxy
    4. Restart the Tomcat service.

    5. Verify that the proxy settings are in effect by issuing the ps aux | grep java command.

      Output of the ps aux | grep java command

      Ensure that line -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 is present in the output.

     

     

    Exchange MGMTPOSTGRES SSH Keys

    To exchange the SSH keys between the MGMTPOSTGRES_MASTER and MGMTPOSTGRES_SLAVE, follow this procedure.

    1. On the MGMTPOSTGRES_MASTER, execute the following to generate a new SSH key. 

    2. On MGMTPOSTGRES_SLAVE, if the .ssh directory does not exist, create it using the following commands before copying the files.

    3. Copy the id_rsa files (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub) from MGMTPOSTGRES_MASTER to the same location on MGMTPOSTGRES_SLAVE.

    4. On the MGMTPOSTGRES_SLAVE, execute the following to generate a new SSH key.

    5. Verify mutual SSH access between the MGMTPOSTGRES_MASTER and MGMTPOSTGRES_SLAVE by running the following command on each VM.

    MGMTPOSTGRES_MASTER – Configure High Availability Properties

    To configure high availability for MGMTPOSTGRES_MASTER, follow this procedure.

      1. SSH into the DB instance as a centos user.
      2. Run the following command:

    1. Invoke the wizard.

      MGMTPOSTGRES Wizard Path
    2. Configure Postgres HA to ensure the PostgreSQL database HA and enter the information in each field as follows:

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.

      See Configure CCM Wizard Properties for other settings.

      Wizard Menu

      Field

      Description

      Configure_Postgres_HADB MasterThe hostname for the master database VM – not configurable.
      DB Master Private IPThe private IP address of the master database VM
      DB Slave HostnameThe hostname for the slave database VM
      DB Slave Private IPThe private IP address of the slave database VM

      VIP or EIP 

      The VIP/EIP IP for the database

      Icon

      Use your mouse to select this option.

       AWS Cloud Nuances for EIP
      To setup PostgreSQL as an RDS service in the SA or HA modes, see Configuring HA for PostgreSQL Database on AWS. 

      Once the details are entered, the database server begins replication configuration between the database servers followed by HA configuration and finally presents the following status messages.

      • Configuring database for HA ...

      • Configuring database for replication

    3. Exit the configuration wizard.

    4. Go to the command line for each PostgreSQL server and enter the following command to review the status of the database and the HA connectivity:
      # pcs status

      1. Ensure that the PCSD Status for both database servers are Online.
      2. Ensure that the Daemon Status for corosync, pacemaker and pcsd are active/disabled.

    CCM_SA_PRIMARY/SECONDARY – Exchange CCM SSH Keys

    To exchange the SSH keys between the CCM_SA_PRIMARY and CCM_SA_SECONDARY servers, follow this procedure.

    1. On the CCM_SA_PRIMARY, execute the following to generate a new SSH key. 

    2. Copy the id_rsa files (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub) from CCM_SA_PRIMARY to the same location on the CCM_SA_SECONDARY. On the CCM_SA_SECONDARY, if the .ssh directory does not exist, create it using the following commands before copying the files!

    3. On the CCM_SA_SECONDARY, execute the following to add a new SSH key.

    4. Verify mutual SSH access between the CCM_SA_PRIMARY and CCM_SA_SECONDARY by running the following command on each VM.

     

    CCM_SA_PRIMARY – Configure HA Wizard Properties

    To configure high availability for CCM_SA_PRIMARY, follow this procedure.

      1. SSH into the CCM instance as a centos user.
      2. Run the following command:

    1. Invoke the CCM wizard.

      CCM Wizard Path

       

      Configure the properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.

      Wizard Menu

      Field

      Description

      DB – Enter DB ParametersMaster Private IP
      and
      Slave Private IP

      The VIP/EIP for the master database and slave database. See Phase 1: Prepare Infrastructure > Cloud Nuances for additional context.

      Icon

      When you configure the MGMTPOSTGRES_MASTER – Configure High Availability Properties, you would have configured the VIP/EIP address for the db_config_wizard already. Similarly, you must provide the EIP/VIP address for the CCM_SA_PRIMARY and the CCM_SA_SECONDARY server.

      DB Username
      and
      DB Password

      The following credentials are pre-populated:

      Default username = cliqr (cannot be changed)

      Default password = cliqr (can be changed)

      Icon

      Be sure to change the default password immediately after your first login. See PostgreSQL Password for additional context.

      Configure_HAPrimary Node Private IPThe IP address of the primary CCM VM
      Secondary Node Private IP The IP address of the secondary CCM VM

      Public DNS

      Use the DNS or IP of the CCM_LB – Used by the CCO VM to communicate with the CCM VM.

      Hazelcast IP

      Provide either Public or Private IP address of the both primary and secondary CCM VM separated by comma. If the two CCM VMs are configured on:

      • The same network, then use the Private IP address.
      •  Different networks, then use the Public IP address.

      External URL

      Use the CCM_LB_IP:

       

      • Optional for non-HA CCM scenarios
      • Required for HA CCM scenarios 

    2. Once the details are entered, the database server begins replication configuration between the database servers followed by HA configuration and finally presents the following status messages.

      • Configuring CCM HA ...
      • Restart server (with the progress bar)
      • Configured CCM HA successfully
      Icon

      After configuring HA on the CCM primary server, the following message is displayed:
      Restarting secondary ccm tomcat failed due to cliqruser may not have sudo permission.

      At this point, you must manually restart tomcat on the secondary CCM server.

    3. Run the following command on the CCM secondary server to restart the Tomcat server.


    4. Exit the CCM configuration wizard.

    CCM_LB

    Icon

    See CCM Firewall Rules > CCM_LB Ports for the complete list of ports that need to be open for your deployment.


    Here is a sample configuration to load balance a CentOS7.x VM with HAProxy for the CCM.

    1. SSH into the VM instance using the key pair that you used to launch the VM.
    2. Install HAProxy as the root user. 

    3. Create .pem files for haproxy configuration for CCM_LB in the CCM Primary server.
      1. Run the following commands.

        Icon

        You can name the mgmtserver and ca pem files as required for your environment, however, be sure to append them with the .pem extension.

         

      2. Place the mgmtserver.pem and ca.pem files created earlier to the CCM_LB server in the  /etc/haproxy location.

       

    4. Append the following details to the HAProxy config file.

    5. Start the HAProxy service and verify that the status response is active.

    6. At this point, you must use HTTPS to invoke the CCM server. For example:

     

    Back to CCM (Required)

  • No labels