Cisco Cloud Native Broadband Router Maintenance

Cisco cnBR enables you to perform software upgrades seamlessly, and without disrupting any of the services. You can continuously deploy new services and features with minimal downtime.

RPD Secure Software Download

The cnBR Manager provides automated ways to securely download and activate software images to RPDs.

The secure software download (SSD) feature helps you to authenticate the source of a file and verify the integrity of the downloaded code before you use it in your system. The SSD feature is applicable to Remote PHY (R-PHY) devices installed in unsecure locations.

Prerequisites

To use SSD, the following prerequisites must be met:

  • For Non-Express mode: The RPD software image is available at an external TFTP or HTTP image server. The image server is where the software image is stored, and can be accessed by RPD.

  • For Express mode: The RPD software image is available in the Cisco Operations Hub. Ensure that RPD has connectivity to the management IP of Cisco Operations Hub.

  • Ensure that code validation certificates are available. For more information, go through the Add Code Validation Certificates topic.

Upload Software Image for RPD

For Express-mode of SSD, upload the software image to the cnBR Manager. Complete the following steps:

Procedure

Step 1

Enter the Cisco Operations Hub URL https://{Hostname} in the web browser.

Step 2

On the Cisco Operations Hub, click the Cisco Operations Hub main menu button.

Step 3

Choose cnBR Manager > Remote PHY Devices to open Remote PHY Devices page.

Step 4

Click Image Management to open RPD Image pane.

Step 5

Click Choose file to select the RPD software image file that you want to upload.

Step 6

Click Upload.

To delete any of the listed software image files, click the X icon that appears against the image name.

Download Software Image for RPD

Download the software image from the specified server. The software image is available on an external TFTP or HTTP image server.

To download an RPD software image using SSD, complete the following steps:

Procedure

Step 1

Manually upload the software image to the external image server.
Step 2

Add code validation certificates.
Step 3

Upgrade the software image.

Note 

You need to download the software image for RPD only for Non-Express mode. For Express mode, the image is available in the Operations Hub.

Add Code Validation Certificates

To authenticate the source and verify the integrity of the software image, Cisco cnBR uses the following two types of RPD code validation certificates (CVC).

  • M-CVC: The type of CVC released along with the Cisco RPD software image. Contact Cisco Support to get the M-CVC.

  • C-CVC: The type of CVC created and signed through Manufacturer’s Statement of Origin (MSO). When CVCs are available, upload them using the following procedure:

Procedure

Step 1

Enter the Cisco Operations Hub URL https://{Hostname} in the web browser.

Step 2

On the Cisco Operations Hub, click the Cisco Operations Hub main menu button.

Step 3

Choose cnBR Manager > Remote PHY Devices to open Remote PHY Devices page.

Step 4

Click Code Validation Check to open RPD Code Validation Check pane.

Step 5

Copy the contents from the CVC file to the appropriate text box and click Add.

Upgrade the Software Image

To upgrade the software, complete the following steps:

Procedure

Step 1

Enter the Cisco Operations Hub URL https://{Hostname} in the web browser.

Step 2

On the Cisco Operations Hub, click the Cisco Operations Hub main menu button.

Step 3

Choose cnBR Manager > Remote PHY Devices to open Remote PHY Devices page.

Step 4

Click Secure Software Download to open RPD Secure Software Download pane.

Step 5

Scroll down the page and use the toggle button to choose to upgrade using either of the following options:

  • Express Mode

  • Non-Express Mode

Upgrade RPD in Express Mode

Complete the following steps to upgrade the RPD software in Express mode:


Note
Express mode works only with HTTP on PORT 80.
Procedure
Step 1

In the RPD Secure Software Download pane, click On in the toggle button to choose the Express Mode option.

This step enables the Express mode, and the corresponding text fields are visible.
Step 2

Enter the following details in the appropriate text fields:

Field

Description

RPD Image

Choose the image from the list of available images in the drop-down list.

Ensure that the RPD is able to reach the Cisco Operations Hub management IP.

Step 3

Filter out the required RPDs by using the search field in the RPD Summary section. The list depicts the target RPDs for upgrade.

Step 4

Click Upgrade Now to upgrade the image without a reboot. Alternatively, you can also choose to upgrade during the next reboot by clicking Save Configuration.

Upgrade RPD in Non-Express Mode

Complete the following steps to upgrade the RPD software in Non-Express mode:

Procedure
Step 1

In the RPD Secure Software Download pane, click Off in the Express Mode toggle button to choose the non-Express Mode option.

This step enables the Non-Express mode.
Step 2

Enter the following details in the appropriate text fields:

Field

Description

Image Server

Address of the server that stores the software image, and from where RPDs can access the software images.

Image Path

The relative path of the RPD software image on the server. The file is available in the default directory of the image server.

Method

HTTP or TFTP for RPD download SSD image.

M-CVC

Indicator showing whether the certificate is valid or not.

C-CVC

Indicator showing whether the certificate is valid or not.

Ensure that the RPD is able to reach the Cisco Operations Hub management IP.

Step 3

Filter out the target RPDs by using the search field in the RPD Summary section. The RPDs in this list of RPDs are the target RPDs for upgrade.

Step 4

Click Upgrade Now to upgrade the image without a reboot. Alternatively, you can also choose to upgrade during the next reboot, by clicking Save Configuration.

Monitor RPD and SSD State

The RPD SSD window provides options to monitor and trigger SSD operations. A dashboard, displaying three pie charts, provides details of the RPD status and metrics. Access this dashboard under the Cisco Operations Hub > cnBR Manager > Remote PHY Devices > Secure Software Download.

  • RPD State: Displays the states of RPDs that are upgraded. During the upgrade process, the RPD becomes offline and then returns online.

  • Software Version: Shows the number of RPDs for each RPD software version.

  • SSD State: Shows various phases of the SSD progress of RPDs.

RPD Summary

The RPD Summary table provides details of RPDs which can be upgraded. You can also search for a specific RPD or set of RPDs that can be upgraded. The following table explains the fields in the RPD Summary pane.

This table explains the fields in the RPD Summary pane.

Field

Description

Name

Name of the RPD.

MAC Address

MAC address of the RPD.

Service Group

Service group ID of the RPD.

IPv4 Address

IPv4 address of the RPD.

IPv6 Address

IPv6 address of the RPD.

State

Status of the RPD:

  • online

  • offline

CCMTS ID

Host name of the Cisco cnBR application.

Example: cnbr1.cisco.com

SSD State

Phase of the SSD progress.

Software Version

Version of the software running on the RPD.

Online Timestamp

Time when the RPD became online.

Service Group Operations

This table lists the features and the releases in which the feature was introduced and gives a small description of the feature.

Table 1. Feature History

Feature Name

Release Information

Feature Description

Service Group Operations

Cisco cnBR 21.1

You can view the worker-node each service group is running on and move service groups from one worker-node to another. This allows you to balance workloads across worker-nodes. You have better visibility and management on the service groups and the worker-nodes that they are running on.

Cisco cnBR enables you to move Data-over-Cable Systems Interface Standard (DOCSIS) service group workloads to other Cisco cnBR nodes during maintenance and troubleshooting activities. The Service Group related operations help avoid service interruptions during maintenance activities and help balance workloads across nodes.

Move Service Groups

You can move DOCSIS service groups across nodes. Moving Service Groups allows nodes to balance the Service Group workloads effectively. You can move one or multiple Service Groups using the cnBR Manager.

Perform the following steps to move Service Groups.

Procedure

Step 1

On the Cisco Operations Hub, click cnBR Manager > cnBRs.

Step 2

On the navigation panel, click Service Group Operations.

Step 3

Select an available Cisco cnBR cluster from the drop-down list.

The table displays the nodes for the selected cluster.
Step 4

Select a node and click Move Service Groups.

The right panel lists down the available Service Groups for that node.
Step 5

Click the plus icon next to the Service Group to select a target Service Group.
Step 6

Select the destination node from the drop-down list.
Step 7

Click Move to trigger the move operation.

The status of the host and destination nodes changes to SG Moving. On completion of the operation, the Cisco Operations Hub updates Service Group information in the table.

Drain the Node

You can drain a node by moving all the DOCSIS service group workloads from the node. Draining allows you to safely remove the node from the cluster, allowing other nodes to take up workloads.

Perform the following steps to drain a node.

Procedure

Step 1

Click Cisco Operations Hub > cnBR Manager > cnBRs > Service Group Operations.

Step 2

On the Service Group Operations panel, select an available Cisco cnBR cluster from the drop-down list. The table displays the nodes for the selected cluster.

Step 3

Select a node, click Drain & Deactivate, and confirm the drain operation.

On confirmation, the status of the node changes to SG Moving. On completion, the status changes to Inactive. A drained node has no associated Service Groups.

Activate the Node

A drained node appears as Inactive in the Service Group Operations pane (cnBR Manager > cnBRs > Service Group Operations). To move a drained node back to the working pool after maintenance, complete the steps:

Procedure

Step 1

Select an available Cisco cnBR cluster from the drop-down list. The table displays nodes for the selected cluster.
Step 2

Select an inactive node and click Activate.

On successful activation, the selected node appears as Active in the Service Group Operations dashboard.

Audit of Service Group Operations

The Cisco Operations Hub records all Service Group related moves in the cnBR Manager for auditing.

To view the service group move, drain or activation history, perform the following step:

Procedure

Navigate to cnBR Manager > cnBRs > Service Group Operations and click Operations History.

The Operations History table provides the following information:

  • Action undertaken

  • Status of the operation

  • cnBR name

  • Source and Destination Node

  • Service Groups that moved successfully

  • Service Groups that failed during movement (if any)

  • Failure details (if any)

  • The initiation time of the operation

Service Group Operations Errors and Warnings

Service Group Operations have the following errors and warnings:

Error

Error: Failed to drain node <node-name>, reason: job failed. Please try again later.

Diagnosis: The common cause for a draining job failure is a timeout occurring while waiting for responses from other microservices.

Solution: Attempt the operation later and see whether the issue is resolved.

Warning

Warning: Unable to drain <node-name>, reason: Insufficient SG capacity in other worker node.

Diagnosis: When draining a DOCSIS node, the Cisco cnBR moves the service groups to other DOCSIS nodes to keep the services running. Sometimes, the other DOCSIS nodes do not have the capacity to hold all service groups. In such cases, an error-dialog warns of the insufficient capacity.

Solution: To resolve the issue, click Cancel and stop the drain operation.

Export and Import Configuration

The system administrator performs the import and export of Cisco Operations Hub configurations using the Cisco Operations Hub UI or RESTful APIs. The system administrator can store the exported configuration at a secure location. For Disaster Recovery, the system administrator performs the import operation to restore the Cisco Operations Hub to their original configurations.

From Cisco Operations Hub cluster, you can import and export:

  • User Management data

  • LDAP configuration

  • Tag information

  • Login Banner content

  • User created Grafana and Kibana dashboards

Export Cisco cnBR Configuration using cnBR Manager

To export the Cisco cnBR configuration, complete the following steps:

Procedure

Step 1

Click Cisco Operations Hub > cnBR Manager > cnBRs

Step 2

On the navigation panel, click Import & Export cnBR.

Step 3

Select the target Cisco cnBR from the drop-down list in the Export cnBR Configuration section.

Step 4

Click Export
Step 5

Rename the file and save it at a secure location.

Export Cisco cnBR Configuration using RESTful API

Procedure

Run the following command in a UNIX shell to export the Cisco cnBR configuration: 

curl -k -X GET 'https://{opsHUBHost}/api/configurator/v1/cmts/config/{cmts-id}' -H 'Accept: application/json' -H 'Authorization: Bearer <token>' | tee path/to/backup/config

Example

hostname#curl -k -X GET 'https://opshub1.cisco.com/api/configurator/v1/cmts/config/cnbr1.cisco.com' -H 'Accept: application/json' -H 'Authorization: Bearer <token>' | tee cnbr-10.79.193.236-configuration.json

Export Cisco Operations Hub Configuration using Cisco Operations Hub

To export the Cisco Operations Hub configuration, complete the following steps:

Procedure

Step 1

Click the Cisco Operations Hub main menu button > System > Import & Export to open the Cisco Operations Hub Export/Import pane.

Step 2

Click Export in the Export Configuration section to download the file containing the configuration.

Step 3

Rename the file and save it to a secure location.

Export Cisco Operations Hub Configuration using RESTful API

Procedure

Run the following command in a UNIX shell to export the Cisco Operations Hub configuration: 

curl -k -X GET 'https://{opsHUBHost}/configurator/opshub/export' -H 'Accept: application/json' -H 'Authorization: Bearer <token>' | tee path/to/backup/config

Example

hostname#curl -k -X GET 'https://opshub1.cisco.com/configurator/opshub/expor' -H 'Accept: application/json' -H 'Authorization: Bearer <token>' | tee opshub-172.22.29.221-configuration.json

Import Cisco cnBR Configuration using cnBR Manager

To import the Cisco cnBR configuration, complete the following steps:

Procedure

Step 1

Click Cisco Operations Hub > cnBR Manager > cnBRs

Step 2

On the navigation panel, click Import & Export cnBR.

Step 3

Select the target Cisco cnBR from the drop-down list in the Import cnBR Configuration section.

Step 4

Click Browse and choose a cnBR Configuration file.

Step 5

Click Import.

Import Cisco cnBR Configuration using RESTful API

Procedure

Run the following command in a UNIX shell to import the Cisco cnBR configuration: 

curl -k -X PUT 'https://{opsHUBHost}/api/configurator/v1/cmts/config/{cmts-id}' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Authorization: Bearer <token>' -d '@path/to/backed/up/config

Example

hostname#curl -k -X PUT 'https://opshub1.cisco.com/api/configurator/v1/cmts/config/cnbr1.cisco.com' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Authorization: Bearer <token>' -d '@cnbr-10.79.193.236-configuration.json

Import Cisco Operations Hub Configuration using Cisco Operations Hub

To import the Cisco Operations Hub configuration, complete the following steps:

Procedure

Step 1

Click the Cisco Operations Hub main menu button > System > Import & Export to open the Cisco Operations Hub Export/Import pane.

Step 2

On the Import Configuration section, browse and choose an Operations Hub configuration file in tar.gz format.

Step 3

Click Import.

Import Cisco Operations Hub Configuration using RESTful API

Procedure

Run the following command in a UNIX shell to import the Cisco Operations Hub configuration: 

curl -k -X PUT "https://{opsHUBHost}/configurator/opshub/import" -H "accept: application/json" -H "Content-Type: application/json" -H 'Authorization: Bearer <token>' -d "@path/to/backed/up/config

Example

hostname#curl -k -X PUT 'https://opshub1.cisco.com/configurator/opshub/import' -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'Authorization: Bearer <token>' -d '@opshub-172.22.29.221-configuration.json