Cisco C9300 Deployment

  • 2 minute(s) read
Prev Next

Introduction

This document outlines how to deploy the Catchpoint enterprise-base docker image onto a Cisco C9300 device.

This guide was validated using a C9300-24T running IOS-X 17.15.5, following the Cisco documentation: https://developer.cisco.com/docs/app-hosting/getting-started-with-docker-applications-deployment/#getting-started.

There are two steps to the deployment - firstly, a package suitable for your device needs to be built using Cisco’s ioxclient.  Once built, that package can be deployed on multiple devices.

Package the Docker Image for IOx (Linux only)

Prerequisites

  • skopeo for converting the OCI container

  • ioxclient for building the Cisco image

  1. Pull the enterprise-base docker image from Catchpoint’s repo (https://hub.docker.com/r/catchpoint/enterprise-base):

docker pull catchpoint/enterprise-base:preview

  1. Use skopeo to extract the rootfs: 

skopeo copy   docker-daemon:catchpoint/enterprise-base:preview   docker-archive:rootfs.tar:catchpoint/enterprise-base:preview

  1. Create a folder called package.yaml with the following content:

descriptor-schema-version: "2.4
info:
  name: cp-enterprise-base
  description: "Catchpoint Enterprise Base"
  version: "1.0"
  author-name: "Catchpoint"
  author-link: "https://www.catchpoint.com"
app:
  type: docker
  cpuarch: x86_64
  resources:
    profile: exclusive
    disk: 60000
    network:
      - interface-name: eth0
  startup:
    rootfs: rootfs.tar
    target: ["/bin/sh", "/entrypoint.sh"]

  1. Your directory should contain the following:

    • package.yaml

    • rootfs.tar

  2. Use ioxclient to package the docker image:

ioxclient package ——skip-signing .

You should now have a file called package.tar.

Deployment

Prerequisites

  • Cisco USB storage connected to the Cisco C9300

  • App hosting enabled on the Cisco C9300 (requires the DNA-Advantage license).

    • This can be checked by running show iox via the Cisco CLI, and confirming the IOx services are running as expected

  • Application signature disabled

    • This can be checked by running show app-hosting infra and confirming that App signature verification: disabled is displayed.

    • Note that this is required by Cisco for all third party applications

The package can be installed either via the UI or the CLI.

CLI Instructions

  1. Assuming the package (package.tar) is uploaded to usbflash1, run the following command:

app-hosting install appid cpenterprisebase package usbflash1:package.tar

This will take a couple of minutes, you can check progress via the show app-hosting list command.  Once the app shows as deployed, move onto the next step.

  1. Enter config mode and apply the appropriate docker flags:

conf t
app-hosting appid cpenterprisebase
    app-resource docker
      run-opts 1 "--env CP_INSTANCEID=123456ABCDEF"
      run-opts 2 "--hostname your_hostname"
end

The unique CP_INSTANCEID can be any combination of 12 alphanumeric characters.  It is highly recommended to include a hostname via --hostname to simplify registration of the instance.

  1. Activate the application:

app-hosting activate appid cpenterprisebase

  1. Start the application:

app-hosting start appid cpenterprisebase

You should see the following message:
cpenterprisebase started successfully

Current state is: RUNNING

  1. Register the container following the instructions here: https://docs.catchpoint.com/docs/linux-enterprise-install-guide#activating-an-instance-on-portal

UI Instructions

  1. Open the IOx management console (Configuration > Services > IOx):

  1. Choose “Add New” and select the saved package, using the name cpenterprisebase:
     

  2. The application is successfully deployed:


  1. Verify that the following settings are automatically applied (after clicking “Activate”):

    • Profile - Exclusive

    • Disk - 60000MB

  2. Each container needs a unique Instance ID specified in the Docker Options section using the format --env CP_INSTANCEID=123456ABCDEF. The unique ID can be any combination of 12 alphanumeric characters.  You can also specify the hostname using the command -h hostname_to_use.  If you do not specify a hostname, a random string will be created.  It is highly recommended to include a hostname to make troubleshooting and registration simpler.

  3. Once the application is activated, it can be started with the “Start” button:

  1. Register the container following the instructions (https://docs.catchpoint.com/docs/linux-enterprise-install-guide#activating-an-instance-on-portal) you will be able to see the instance available in the portal:
     

Troubleshooting

Most troubleshooting steps are performed via the CLI.

Connect to a console session via the following command:

app-hosting connect appid cpenterprisebase session

This will land you at a shell prompt inside the container:

sh-4.4#

From there, the Catchpoint utility can be used for normal troubleshooting steps, along with regular Linux commands.