Latest

Home / Cisco / ThousandEyes / ThousandEyes Enterprise Agents on Cisco Switches with Docker

ThousandEyes Enterprise Agents on Cisco Switches with Docker

October 24, 2022 ,

ThousandEyes Enterprise Agents on Cisco Switches with Docker

We will discuss how to install a ThousandEyes Enterprise Agent using Docker on a Cisco NDNA_C9300 9000-series switch. An Enterprise Agent can be launched through Cisco application hosting using a Docker image signed by ThousandEyes.

For application hosting, Cisco IOS XE allots dedicated memory and CPU resources to ensure the security and performance of user applications.

Docker containers are now natively supported on Cisco NDNA_C9300 9000 switches with IOS XE 16.12.1.A Docker container running on internal flash storage is run by the ThousandEyes Enterprise Agent.


Fig 1.1- ThousandEyes Workflow

Here are the steps below

Step 1: From your ThousandEyes dashboard, download the Docker image and copy it to your Cisco switch using SCP, FTP, TFTP, or USB storage. Download the .tar file with the ThousandEyes appliance for NDNA_C9300 9000-series switches.

Step 2: Click Add New Enterprise Agent under Cloud & Enterprise Agents > Agent Settings.

Step 3: Run a checksum (md5) command to verify that the package transfer was successful. The md5 output should match

Step 4: A Docker container can be installed on a switch by enabling the IOx framework and check the services are running


Step 5: Now Install the enterprise agent on the C9300 Switch
NDNA_C9300#app-hosting install appid TE package flash:thousandeyes-enterprise-agent-4.2.2.cisco.tar

OR

NDNA_C9300#app-hosting install appid TE package https://downloads.thousandeyes.com/enterprise-agent/thousandeyes-enterprise-agent-4.2.2.cisco.tar

Step 6: Check for the application as it should be installed

Step 7: In order to assign Layer-2 VLANs from the uplink router and switch to the appliance, you must configure only one virtual network interface card (vNIC).

Ensure the Layer-2 VLAN is enabled from the uplink port on the front panel

NDNA_C9300# Config t
NDNA_C9300(config)# interface GigabitEthernet1/0/1
NDNA_C9300(config)#description Uplink MGMT
NDNA_C9300(config)# switchport access vlan 21

Step 8: Create an SVI that matches with Layer-2 VLAN

NDNA_C9300# Config t
NDNA_C9300(config)#interface Vlan21
NDNA_C9300(config)#ip address 10.100.21.13 255.255.255.0
NDNA_C9300(config)#end

Step 9: Configure the AppGigabitEthernet port to allow Layer-2 VLAN

NDNA_C9300# Config t
NDNA_C9300(config)#interface AppGigabitEthernet1/0/1
NDNA_C9300(config)#switchport trunk allowed vlan 21
NDNA_C9300(config)#switchport mode trunk
NDNA_C9300(config)#end

Step 10: Configure the application, either with a static IP 

NDNA_C9300(config)#app-hosting appid thousandeyes_enterprise_agent
NDNA_C9300(config-app-hosting)#app-vnic AppGigabitEthernet trunk
NDNA_C9300(config-config-app-hosting-trunk)#vlan 21 guest-interface 0
NDNA_C9300(config-config-app-hosting-vlan-access-ip)#guest-ipaddress 10.10.10.12 netmask 255.255.255.0
NDNA_C9300(config-config-app-hosting-vlan-access-ip)#exit
NDNA_C9300(config-config-app-hosting-trunk)#exit
NDNA_C9300(config-app-hosting)#app-default-gateway 10.10.10.1 guest-interface 0
NDNA_C9300(config-app-hosting)#name-server0 8.8.8.8
NDNA_C9300(config-app-hosting)#name-server1 8.8.4.4

Step 11: Specify the account token in the Docker run options. The hostname can also be specified here if it is different from the switch's name:

NDNA_C9300(config-app-hosting)#app-resource docker
NDNA_C9300(config-app-hosting-docker)#prepend-pkg-opts
NDNA_C9300(config-app-hosting-docker)#run-opts 1 "-e TEAGENT_ACCOUNT_TOKEN=<Token>"
NDNA_C9300(config-app-hosting-docker)#run-opts 2 "--hostname NDNA-TE"
NDNA_C9300(config-app-hosting)#start
NDNA_C9300(config-app-hosting)#end

Step 12: Save configurations and check for the docker container 

Step 13: In the ThousandEyes platform, go to Cloud & Enterprise Agents > Agent Settings

Fig 1.2- ThousandEyes Docker

Now you need to verify the Docker container’s IP address on the above screen. Data ports and management interfaces can be used to connect containers. An IP address of the container is on the same subnet as that of the management interface, which is connected via a management bridge. Containers are equipped with virtual network interface cards (vNICs) that are seen as standard Ethernet interfaces