Bido na Cisco DNA Center na AWS
Cisco DNA Center na AWS Overview
Rịba ama
Ejirila aha Cisco DNA Center ka Catalyst Center, yana Cisco DNA Center VA Launchpad ka ewegharịrị aha ya dị ka Cisco Global Launchpad. N'oge usoro nrụgharị aha, ị ga-ahụ aha mbụ na aha ewegharịrị aha nke ejiri n'akwụkwọ nkwekọrịta dị iche iche. Agbanyeghị, Cisco DNA Center na Catalyst Center na-ezo aka na otu ngwaahịa, yana Cisco DNA Center VA Launchpad na Cisco Global Launchpad na-ezo aka n'otu ngwaahịa ahụ.
Ebe Cisco DNA Center na-enye njikwa kensinammuo, nke na-eme ka ọ dị ngwa ma dị mfe imepụta, inye, na itinye amụma n'ofe netwọkụ gị. Ihe nrụnye onye ọrụ Cisco DNA Center na-enye ọhụhụ netwọkụ njedebe na njedebe ma na-eji nleba anya netwọkụ wee kwalite arụmọrụ netwọkụ wee wepụta onye ọrụ na ahụmịhe ngwa kachasị mma.
Cisco DNA Center dị na Amazon Web Ọrụ (AWS) na-enye ọrụ zuru oke nke ntinye ngwa ngwa Cisco DNA Center na-enye. Cisco DNA Center na AWS na-agba ọsọ na gburugburu igwe ojii AWS gị ma na-ejikwa netwọk gị site na igwe ojii.
Ụdị njikọ
- Direct Jikọọ
- SD-WAN
- Co-lo
- (IPsec Ọwara
Nkwanye gafereview
Enwere ụzọ atọ iji bunye Cisco DNA Center na AWS:
- Nkwanye akpaaka: Cisco Global Launchpad na-ahazi Cisco DNA Center na AWS. Ọ na-enyere gị aka ịmepụta ọrụ na akụrụngwa achọrọ maka akụrụngwa igwe ojii. Maka exampma, ọ na-enyere aka ịmepụta Virtual Private Clouds (VPCs), subnets, nche otu, IPsec VPN tunnels, na ọnụ ụzọ ámá. Mgbe ahụ Cisco DNA Center Amazon Machine Image (AMI) na-ebuga dị ka ihe atụ Amazon Elastic Compute Cloud (EC2) na nhazi ahaziri na VPC ọhụrụ yana subnets, ọnụ ụzọ ámá, na ihe ndị ọzọ dị mkpa dị ka Amazon CloudWatch maka nlekota, Amazon DynamoDB maka. nchekwa steeti, na otu nchekwa.
Cisco na-enye gị ụzọ abụọ iji Cisco Global Launchpad. Ị nwere ike ibudata ma wụnye Cisco Global Launchpad na igwe mpaghara, ma ọ bụ ị nwere ike ịnweta Cisco Global Launchpad nke Cisco kwadoro. N'agbanyeghị usoro ahụ, Cisco Global Launchpad na-enye ngwaọrụ ndị ịchọrọ iji wụnye na jikwaa Cisco DNA Center Virtual Appliance (VA).
Maka ozi ndị ọzọ, lee Tinyegharịa Iji Cisco Global Launchpad 1.8 ma ọ bụ tinye ya na iji Cisco Global Launchpad 1.7. - Nkwanye akwụkwọ ntuziaka Iji AWS CloudFormation: Ị na-eji aka na-ebuga Cisco DNA Center AMI na AWS gị. Kama iji Cisco Global Launchpad ntinye ngwá ọrụ, ị na-eji AWS CloudFormation, nke bụ ngwá ọrụ ntinye n'ime AWS. Mgbe ahụ, ị na-eji aka hazie Cisco DNA Center site na ịmepụta akụrụngwa AWS, guzobe ọwara VPN, na ibuga Cisco DNA Center VA gị. Maka ozi ndị ọzọ, hụ Tinye AWS CloudFormation.
- Nkwanye aka na-eji AWS Market Ebe: Ị na-eji aka na-ebuga Cisco DNA Center AMI na akaụntụ AWS gị. Kama iji Cisco Global Launchpad deployment tool, ị na-eji AWS Marketplace, nke bụ ụlọ ahịa ngwanrọ n'ịntanetị n'ime AWS. Ị na-ebupụta ngwanro ahụ site na ngwa ngwa Amazon EC2, wee jiri aka gị bufee Cisco DNA Center site na ịmepụta akụrụngwa AWS, guzobe ọwara VPN, na ịhazi Cisco DNA Center VA gị. Mara na maka usoro mbusa a, naanị Mwepụta site na EC2 ka akwadoro. Nhọrọ mmalite abụọ ndị ọzọ (Mwepụta si Webakwadoghị saịtị na Detuo na katalọgụ Ọrụ) Maka ozi ndị ọzọ, hụ Nyefee Iji AWS Marketplace.
Ọ bụrụ na ị nwere ahụmịhe dị ntakịrị na nchịkwa AWS, usoro akpaghị aka na Cisco Global Launchpad na-enye usoro ntinye nkwado kachasị mma. Ọ bụrụ na ị maara nke ọma na nchịkwa AWS ma nwee VPC dị adị, usoro ntuziaka na-enye usoro ntinye ọzọ.
Tụlee uru na ihe ndọghachi azụ nke usoro ọ bụla na tebụl ndị a:
| Nkwanye akpaaka na Cisco Global Launchpad | Ntinye akwụkwọ ntuziaka Iji AWS CloudFormation | Nkwanye akwụkwọ ntuziaka Iji AWS Market |
| • Ọ na-enyere aka ịmepụta akụrụngwa AWS, dị ka VPCs, subnets, otu nchekwa, IPsec VPN tunnels, na ọnụ ụzọ ámá, na akaụntụ AWS gị. • Ọ na-akpaghị aka mezue echichi nke Cisco DNA Ebe etiti. • Ọ na-enye ohere ịnweta VA gị. • Ọ na-enye njikwa nke VA gị. • Oge nnyefe bụ ihe dịka 1-1½ awa. • A na-ezigara ọkwa akpaghị aka na Amazon CloudWatch gị dashboard. • Ị nwere ike ịhọrọ n'etiti igwe ojii akpaghị aka ma ọ bụ netwọk ụlọ ọrụ File ndabere sistemụ (NFS). • Mgbanwe akwụkwọ ntuziaka ọ bụla emere na nhazi nhazi akpaghị aka nke Cisco DNA Center na AWS nwere ike ịkpata esemokwu na ntinye akpaghị aka. |
• The AWS CloudFormation file achọrọ ka ịmepụta Cisco DNA Center VA na AWS. • Ị mepụtara akụrụngwa AWS, dị ka VPCs, subnets, na otu nchekwa, na akaụntụ AWS gị. • Ị na-eguzobe ọwara VPN. • Ị na-ebuga Cisco DNA Center. • Oge nnyefe dị ihe dịka awa ole na ole ruo ụbọchị ole na ole. • Ịkwesịrị iji aka hazie nlekota site na njikwa AWS. • Ị nwere ike hazie naanị NFS dị na ogige maka nkwado ndabere. |
• The AWS CloudFormation file a chọghị ka ịmepụta a Cisco DNA Center VA na AWS. • Ị mepụtara akụrụngwa AWS, dị ka VPCs, subnets, na otu nchekwa, na akaụntụ AWS gị. • Ị na-eguzobe ọwara VPN. • Ị na-ebuga Cisco DNA Center. • Oge nnyefe dị ihe dịka awa ole na ole ruo ụbọchị ole na ole. • Ịkwesịrị iji aka hazie nlekota site na njikwa AWS. • Ị nwere ike hazie naanị NFS dị na ogige maka nkwado ndabere. |
Kwadebe maka ntinye
Tupu ibunye Cisco DNA Center na AWS, tụlee ihe netwọk gị chọrọ ma ọ bụrụ na ị ga-achọ imejuputa Cisco DNA Center na ntinye AWS na otu ị ga-esi nweta Cisco DNA Center na AWS.
Na mgbakwunye, Cisco na-atụ aro ka ị nyochaa na Cisco DNA Center VA TAR file ị ebudatara bụ ezigbo Cisco TAR file. Hụ Nyochaa Cisco DNA Center VA TAR File, na ibe 6.
Nnukwu nnweta na Cisco DNA Center na AWS
Ụlọ ọrụ Cisco DNA Center na mmejuputa oke nnweta AWS (HA) bụ nke a:
- Otu ọnụ ọnụ EC2 HA n'ime Mpaghara Nnweta (AZ) ka enyere ya na ndabara.
- Ọ bụrụ na ihe atụ Cisco DNA Center EC2 dara, AWS na-ewelite ihe atụ ọzọ na otu adreesị IP ahụ ozugbo. Nke a na-eme ka njikọta na-akwụsịghị akwụsị ma na-ebelata ọgbaghara n'oge ọrụ netwọk dị oke mkpa.
Rịba ama
Ọ bụrụ na ị na-ebuga Cisco DNA Center na AWS site na iji Cisco Global Launchpad, Hapụ 1.5.0 ma ọ bụ na mbụ na ihe atụ Cisco DNA Center EC2 dara, AWS na-ebute ihe atụ ọzọ na-akpaghị aka n'otu AZ. N'okwu a, AWS nwere ike ịnye Cisco DNA Center adreesị IP dị iche. - Ahụmịhe na ebumnobi oge mgbake (RTO) yiri ike gịtagn'usoro n'ime ngwa Cisco DNA Center nke igwe anaghị agba nchara.
Ntuziaka maka ijikọ Cisco ISE na AWS na Cisco DNA Center na AWS
Enwere ike ijikọ Cisco ISE na AWS na Cisco DNA Center na AWS. Iji jikọta ha ọnụ na igwe ojii, tulee ntuziaka ndị a:
- Ekwesịrị ibuga Cisco ISE na AWS na VPC dị iche site na nke edobere maka Cisco Global Launchpad.
- VPC maka Cisco ISE na AWS nwere ike ịbụ n'otu mpaghara ma ọ bụ mpaghara dị iche iche site na VPC maka Cisco DNA Center na AWS.
- Ị nwere ike iji VPC ma ọ bụ Transit Gateway (TGW) peering, dabere na gburugburu gị.
- Iji jikọọ Cisco DNA Center na AWS na Cisco ISE na AWS site na iji VPC ma ọ bụ TGW peering, gbakwunye ntinye ntụgharị achọrọ na tebụl ụzọ VPC ma ọ bụ TGW na tebụl ụzọ nke agbakwunyere na subnet jikọtara ya na Cisco DNA Center na. AWS ma ọ bụ Cisco ISE na AWS.
- Cisco Global Launchpad enweghị ike ịchọpụta mgbanwe ọ bụla na-apụ apụ na ụlọ ọrụ nke Cisco Global Launchpad mepụtara. Ụlọ ọrụ ndị a gụnyere VPCs, VPNs, TGWs, TGW Mgbakwụnye, subnets, routing, na ndị ọzọ. Maka examplee, ọ ga-ekwe omume ihichapụ ma ọ bụ gbanwee VA pod nke Cisco Global Launchpad mepụtara site na ngwa ọzọ, na Cisco Global Launchpad agaghị ama maka mgbanwe a.
Na mgbakwunye na iwu nnweta bụ isi, ịkwesịrị ịhapụ ọdụ ụgbọ mmiri inbound ndị a maka ijikọ otu nchekwa na ihe atụ Cisco ISE na igwe ojii:
- Maka Cisco DNA Center na AWS na Cisco ISE na ntinye AWS, kwe ka ọdụ ụgbọ mmiri TCP 9060 na 8910.
- Maka nyocha radius, kwe ka ọdụ ụgbọ mmiri UDP 1812, 1813 na ọdụ ụgbọ mmiri ọ bụla enyere aka.
- Maka njikwa ngwaọrụ site na TACACS, hapụ ọdụ ụgbọ mmiri TCP 49.
- Maka ntọala ndị ọzọ, dị ka Datagram Transport Layer Security (DTLS) ma ọ bụ RADIUS Change of ikike (CoA) emere na Cisco ISE na AWS, nye ohere ọdụ ụgbọ mmiri kwekọrọ.
Ntuziaka maka ịnweta Cisco DNA Center na AWS
Mgbe ịmechara ihe atụ nke Cisco DNA Center, ị nwere ike nweta ya site na Cisco DNA Center GUI na CLI.
Ihe dị mkpa
Cisco DNA Center GUI na CLI na-enweta naanị site na netwọk Enterprise, ọ bụghị site na netwọk ọha. Site na usoro mbugharị akpaaka, Cisco Global Launchpad na-ahụ na a na-enweta Cisco DNA Center naanị site na intranet Enterprise. Site na usoro ntinye akwụkwọ ntuziaka, ịkwesịrị ịhụ na Cisco DNA Center adịghị enweta na ịntanetị ọha maka ebumnuche nchekwa.
Ntuziaka maka ịnweta Cisco DNA Center GUI
Iji nweta Cisco DNA Center GUI:
- Jiri ihe nchọgharị akwadoro. Maka ndepụta ihe nchọgharị akwadoro ugbu a, lee ndetu mwepụta maka Cisco Global Launchpad.
- N'ihe nchọgharị, tinye adreesị IP nke Cisco DNA Center gị n'ụdị a: http://ip-address/dna/home
Maka exampLe: http://192.0.2.27/dna/home - Jiri nzere ndị a maka nbanye mbụ:
Aha njirimara: admin
Okwuntughe: maglev1@3
Rịba ama
Ị ga-agbanwe paswọọdụ a mgbe ị banyere na Cisco DNA Center nke mbụ. Okwuntughe kwesịrị:
- Wepụ nkwụsịtụ taabụ ma ọ bụ ahịrị ọ bụla
- Nwee opekata mpe mkpụrụedemede asatọ
- Nwere mkpụrụedemede sitere na opekata mpe atọ n'ime ngalaba ndị a:
- mkpụrụedemede obere (az)
- mkpụrụedemede ukwu (AZ)
- Ọnụọgụ (0-9)
- Ụmụ agwa pụrụ iche (maka example,! ma ọ bụ #)
Ntuziaka maka ịnweta Cisco DNA Center CLI
Iji nweta Cisco DNA Center CLI:
- Jiri adreesị IP na igodo kwekọrọ na usoro ị jiri bufee Cisco DNA Center:
- Ọ bụrụ na ibugara Cisco DNA Center site na iji Cisco Global Launchpad, jiri adreesị IP na igodo Cisco Global Launchpad nyere.
- Ọ bụrụ na iji aka were AWS bufee Cisco DNA Center, jiri adreesị IP na igodo AWS nyere.
Rịba ama
Igodo ga-abụrịrị .pem file. Ọ bụrụ igodo file ebudatara dị ka igodo.cer file, ikwesiri imeghari aha ya file na igodo.pem.
- Jiri aka gbanwee ikike ịnweta igodo.pem file ka 400. Jiri Linux chmod iwu ịgbanwe ikike ịnweta. Maka example: chmod 400 igodo.pem
- Jiri iwu Linux ndị a iji nweta Cisco DNA Center CLI: ssh -i key.pem maglev@ip-address -p 2222
Maka example: ssh -i key.pem maglev@192.0.2.27 -p 2222
Nyochaa Cisco DNA Center VA TAR File
Tupu ibuga Cisco DNA Center VA, anyị na-akwadosi ike ka ị nyochaa nke ahụ TAR file ị ebudatara bụ ezigbo Cisco TAR file.
Tupu ịmalite
Gbaa mbọ hụ na ị budatala Cisco DNA Center VA TAR file site na saịtị nbudata ngwanrọ Cisco.
Usoro
Nzọụkwụ 1
Budata igodo ọha Cisco (cisco_image_verification_key.pub) maka nkwenye mbinye aka na ebe Cisco kwuru.
Nzọụkwụ 2
Budata hash algọridim (SHA512) checksum file maka TAR file site na ebe Cisco kwuru.
Nzọụkwụ 3
Nweta TAR filembinye aka file (.sig) site na nkwado Cisco site na email ma ọ bụ site na nbudata na Cisco echekwara websaịtị (ọ bụrụ na ọ dị).
Nzọụkwụ 4
(Nhọrọ) Mee nkwenye SHA iji chọpụta ma TAR file na-emebi emebi n'ihi nbudata akụkụ ụfọdụ.
Dabere na sistemụ arụmọrụ gị, tinye otu n'ime iwu ndị a:
- Na sistemụ Linux: sha512sumfile-fileaha>
- Na sistemụ Mac: shasum-a 512file-fileaha>
Microsoft Windows anaghị agụnye akụrụngwa checksum arụnyere, mana ị nwere ike iji ngwa certutil: certutil -hashfile <fileaha> sha256
Maka example: certutil -hashfile D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz sha256
Na Windows, ị nwekwara ike iji Windows PowerShell mepụta mgbaze. Maka exampLe:
PS C: Ndị ọrụ nchịkwa> Nweta-FileHash - Ụzọ
D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz
Algorithm Hash Ụzọ
SHA256 D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz
Tụlee mmepụta iwu na SHA512 checksum file nke ị budata. Ọ bụrụ na mmepụta iwu adabaghị, budata TAR file ọzọ wee gbaa iwu kwesịrị ekwesị nke ugboro abụọ. Ọ bụrụ na mmepụta ahụ adabaghị, kpọtụrụ nkwado Cisco.
Nzọụkwụ 5
Chọpụta na TAR file bụ ezigbo yana site na Cisco site na ịnwapụta mbinye aka ya:
openssl dgst -sha512 -verify cisco_image_verification_key.pub -signaturefileaha>file-fileaha>
Rịba ama
Iwu a na-arụ ọrụ na gburugburu Mac na Linux. Maka Windows, ị ga-ebudata ma wụnye OpenSSL (nke dị na saịtị nbudata OpenSSL) ma ọ bụrụ na ịmebeghị ya.
Ọ bụrụ na TAR file Ọ bụ eziokwu, iji iwu a na-egosiputa ozi OK egosipụtara. Ọ bụrụ na ozi a apụtaghị, etinyela TAR file ma kpọtụrụ nkwado Cisco.
Akwụkwọ / akụrụngwa
 |
CISCO Malite na DNA Center na AWS [pdf] Akwụkwọ ntuziaka onye ọrụ Malite na DNA Center na AWS, Malite na DNA Center na AWS, DNA Center na AWS, Center na AWS |
