Add Devices to the Inventory
There are different ways to add devices to Crosswork. Each has its own set of prerequisites, which you must fulfill if the device addition is to succeed. Ensure that your devices are configured properly for communication and telemetry. See guidelines and example configurations in Telemetry Prerequisites for New Devices and Sample Configuration for Cisco NSO Devices.
In order of preference for most users, the methods and their prerequisites are:
-
Importing devices using the Crosswork APIs: : This is the fastest and most efficient of all the methods, but requires programming skills and API knowledge. For more, see the Inventory Management APIs On Cisco Devnet.
-
Importing devices from a Devices CSV file: This method is time-consuming and error-prone, as you must create and format all of the data yourself beforehand (including not only devices, but also the providers, credential profiles and tags), and then ensure all of these items are properly associated with the devices after the CSV import. To succeed with this method, you must first:
-
Create the provider(s) that will be associated with the devices. See About Adding Providers.
-
Create corresponding credential profiles for all of the devices and providers listed in the CSV file. See Create Credential Profiles.
-
Create tags for use in grouping the new devices. See Create Tags.
-
Download the CSV template file from Crosswork and populate it with all the devices you will need.
-
-
Adding them via the UI: This method is the least error-prone of the three methods, as all data is validated during entry. It is also the most time-consuming, being suitable only for adding a few devices at a time. Note that the providers, credential profiles and tags you want to apply to them must exist beforehand. For more information, see Add Devices Through the UI.
-
Auto-onboarding from a Cisco SR-PCE provider: This method is highly automated and relatively simple. Note that the device and provider credential profiles and tags you want to apply to these devices must exist beforehand. After onboarding devices from this source, you will need to edit each device to add device information that is not automatically discovered. For more information, see the provider properties in Add Cisco SR-PCE Providers.
-
Auto-onboarding using Zero Touch Provisioning: This method is automated, but requires that you create device entries first and modify your installation's DHCP server. Note that the device and provider credential profiles and tags you want to apply to these devices must exist beforehand. After provisioning and onboarding devices using this method, you will need to edit each device to add information that is not automatically supplied. For more information, see Zero Touch Provisioning.
Note |
Cisco Crosswork only supports single-stack deployment modes. The devices can be onboarded with either an IPv4 address or an IPv6 address, not both. If a device onboarded in Cisco Crosswork is on the same subnet as a Cisco Crosswork Data Gateway interface, then it must be on the Cisco Crosswork Data Gateway's southbound network. This is because Cisco Crosswork Data Gateway implements RPF checks and the source address of devices cannot be on the management or northbound networks if multitple NICs (2 or 3 NIC) are deployed. |
Telemetry Prerequisites for New Devices
Before onboarding new devices, you must ensure that the devices are configured to collect and transmit telemetry data successfully with Cisco Crosswork. The following sections provide sample configurations for several telemetry options, including SNMP, NETCONF, SSH and Telnet. Use them as a guide to configuring the devices you plan to manage.
Pre-Onboarding Device Configuration
Note |
Only SNMPv2 and SNMPv3 (NoAuth/NoPriv) traps are supported. |
The following commands provide a sample pre-onboarding device configuration that sets the correct SNMPv2 and NETCONF configuration, and SSH and Telnet rate limits. The NETCONF setting is only needed if the device is MDT-capable.
logging console debugging
logging monitor debugging
telnet vrf default ipv4 server max-servers 100
telnet vrf default ipv6 server max-servers 100
crypto key generate rsa
exec-timeout 0 0
width 107
length 37
absolute-timeout 0
!
snmp-server community public RO
snmp-server community robot-demo2 RO
snmp-server ifindex persist
ntp
server <NTPServerIPAddress>
!
ssh server v2
ssh server vrf default
ssh server netconf vrf default
ssh server logging
ssh server rate-limit 100
ssh server session-limit 100
!
netconf agent tty
!
netconf-yang agent
ssh
!
SNMPv3 Pre-Onboarding Device Configuration
If you want to enable SNMPv3 data collection, repeat the SNMPv2 configuration commands in the previous section, and add the following commands:
snmp-server group grpauthpriv v3 priv notify v1default
snmp-server user <user-ID> grpauthpriv v3 auth md5 <password> priv aes 128 <password>
Sample Configuration for Cisco NSO Devices
If you plan to use Cisco Network Services Orchestrator (Cisco NSO) as a provider to configure devices managed by Cisco Crosswork, be sure that the Cisco NSO device configurations observe the guidelines in the following example.
This example shows a Cisco NSO configuration that uses the hostname as the device ID. If you are using a CSV file to import devices, use ROBOT_PROVDEVKEY_HOST_NAME as the enum value for the provider_node_key field. The example hostname RouterFremont used here must match the hostname for the device in the CSV file.
configure
set devices device RouterFremont address 198.18.1.11 port 22
set devices device RouterSFO address 198.18.1.12 port 830
In the following example, we are creating an authgroup called "cisco", with a remote name and password of "cisco". Next, we are setting all the devices that have a name starting with "Router" to a device type of "netconf" using the ned-id "cisco-iosxr-nc-6.6". Finally, we are assigning all of the devices with a name starting with "Router" to the "cisco" authgroup. Edit these settings to match your environment:
set devices authgroups group cisco default-map remote-name cisco remote-password cisco
set devices device Router* device-type netconf ned-id cisco-iosxr-nc-6.6
set devices device Router* authgroup cisco
The following CLI commands unlock and retrieve the SSH keys from all of the devices. Cisco NSO synchronizes itself with the devices by uploading each device's current configuration and then storing the present configuration. It is important to use these commands to ensure that the devices, Cisco NSO, and your Cisco Crosswork applications are starting from a common configuration:
set devices device Router* state admin-state unlocked
request devices device Router* ssh fetch-host-keys
request devices device Router* sync-from
commit
Add Devices Through the UI
Follow the steps below to add devices one by one, using the UI. Under normal circumstances, you will want to use this method only when adding a few devices.
Procedure
Step 1 |
From the main menu, choose . |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 2 |
Click . |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 3 |
Enter values for the new device, as listed in the table below. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 4 |
Click Save. The Save button is disabled until all mandatory fields are completed. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Step 5 |
(Optional) Repeat these steps to add more devices.
|
Add Devices By Import From CSV File
Complete the steps below to create a CSV file that specifies multiple devices and then import it into Crosswork.
Importing devices from a CSV file adds any devices not already in the database, and overwrites the data in any device record with an Inventory Key Type and device key field value that matches those of an imported device (this excludes the UUID, which is set by the system and not affected by import). For this reason, it is a good idea to export a backup copy of all your current devices before an import
Note |
|
Procedure
Step 1 |
From the main menu, choose The Network Devices tab is displayed by default. . |
||
Step 2 |
Click to open the Import CSV File dialog box. |
||
Step 3 |
If you have not already created a device CSV file to import: |
||
Step 4 |
Click Browse to navigate to the CSV file you just created and then click Open to select it. |
||
Step 5 |
With the CSV file selected, click Import.
|
||
Step 6 |
Resolve any errors and confirm device reachability. It is normal for devices to show as unreachable or not operational when they are first imported. However, if they are still displayed as unreachable or not operational after 30 minutes, there may be an issue that needs to be investigated. To investigate, select Status column. Common issues include failure to ensure the associated credential profile contains the correct credentials. You can test this by opening a terminal window on the server and then trying to access the device using the protocol and credentials specified in the associated credential profile. and click on any error icon you see in the |
||
Step 7 |
Once you have successfully onboarded the devices, you must map them to a Cisco Crosswork Data Gateway instance. |
Export Device Information to a CSV File
When you export the device list, all device information is exported to a CSV file. Exporting the device list is a handy way to keep a record of all devices in the system at one time. You can also edit the CSV file as needed, and re-import it to overwrite existing device data.
The exported device CSV file will contain only the name of the credential profile for each device, not the credentials themselves.
Procedure
Step 1 |
From the main menu, choose The Network Devices tab is displayed by default. . |
Step 2 |
(Optional) Filter the device list as needed. |
Step 3 |
Check the check boxes for the devices you want to export. Check the check box at the top of the column to select all the devices for export. |
Step 4 |
Click the . Your browser will prompt you to select a path and the file name to use when saving the CSV file, or to open it immediately |