I will be building my first DNAC cluster soon. I've built the first node from the 220.127.116.11 iso. So is there any advantage to completing all application updates first then adding the next two nodes? Or do I do the initial build and create the cluster then apply the updates?
If I had a single node running for some time it's feasible that it could be at the latest version while any subsequent ones either come with what they are shipped with or are built from an iso but don't have the available platform updates prior to joining a cluster.
My question really is when I join a second and third node to a first cluster member do they go out to Cisco and download all the required updates or does the first node supply all the updated software to the subsequent nodes locally without going out to Cisco?
Also, regarding the Cluster link and its IP address/VIP address I've never been quite clear on this. When I build a single node I don't need to supply a gateway for the cluster link. I've also read that the cluster IP does not need to come from a routable subnet. However, when I build the node and look in System - System 360 the IP address used is from the cluster interface and also it's not the VIP.
Why would this IP be used if it comes from a subnet that is supposedly not required to be routed? I would have thought the Enterprise VIP would be a more appropriate address. The address above isn't even a VIP address. It is the address I assigned the Cluster link. The VIP is .3 in each case.
So when I start using DNAC and push out config for it to be used as the syslog, netflow and snmp receiver what address would it push out? Enterprise, cluster or one of their VIP addresses? In a single node test it seems to push out the Enterprise address. Would this change in a cluster to the Enterprise VIP?
Thanks for any input, Stuart.
FOR DN2 Appliance (M5) - Model L
NETWORK ADAPTER #1 1Gbps/10Gbps [eno1] - Management (recommended)
NETWORK ADAPTER #2 1Gbps/10Gbps [eno2] - Cloud Update Connectivity (recommended)
NETWORK ADAPTER #3 10_Gbit port [enp94s0f0] - Enterprise Network (recommended)
NETWORK ADAPTER #4 10_Gbit port [enp94s0f1] - Intra Cluster Link (recommended)
NETWORK ADAPTER #1 not configured [eno1] - Management (recommended)
NETWORK ADAPTER #2 192.168.1.13 [eno2] - Cloud Update Connectivity (recommended)
NETWORK ADAPTER #3 192.168.2.4 [enp94s0f0] - Enterprise Network (recommended)
NETWORK ADAPTER #4 192.168.3.4 [enp94s0f1] - Intra Cluster Link (recommended)
*** Assuming network.1 is the default Gateway for your networks, here is an example of ip addressing your cluster.
NODE   NIC          PERSONALITY         IP SUBNET      VIP IP         GATEWAY IP
Node1  [eno1]       Management          192.168.1.101  192.168.1.104  ** Add Routes
Node1  [eno2]       Cloud Update        aa.bb.cc.101   aa.bb.cc.104   default gw
Node1  [enp94s0f0]  Enterprise Network  192.168.2.101  192.168.2.104  ** Add Routes
Node1  [enp94s0f1]  Intra Cluster Link  192.168.3.101  192.168.2.104  ** ClusterLink [X]
Node2  [eno1]       Management          192.168.1.102                 ** Add Routes
Node2  [eno2]       Cloud Update        aa.bb.cc.102                  default gw
Node2  [enp94s0f0]  Enterprise Network  192.168.2.102                 ** Add Routes
Node2  [enp94s0f1]  Intra Cluster Link  192.168.3.102                 ** ClusterLink [X]
Node3  [eno1]       Management          192.168.1.103                 ** Add Routes
Node3  [eno2]       Cloud Update        aa.bb.cc.103                  default gw
Node3  [enp94s0f0]  Enterprise Network  192.168.2.103                 ** Add Routes
Node3  [enp94s0f1]  Intra Cluster Link  192.168.3.103                 ** ClusterLink [X]
Note: You need a routable IP address and connectivity to the Internet so that you can download and install the remaining application packages.
The IP addresses shown in the UI are the Cluster IP addresses of the nodes, since those are the interfaces over which the nodes talk to each other. Since this Cluster network is a private network for the Cluster, you do not need routes into this network and no default route is needed.
Thank you for the quick and detailed reply.
You said build each node without the application updates then enable HA services. I assume at the initial screen I choose to Join an Existing Cluster for the 2nd and 3rd nodes?
However, I am wondering if I can pre-build and update the first node and deploy it on site while I wait for the other 2 nodes to be delivered? Then join those two into an already up to date first node? This would seem a reasonable thing to do because we would maybe run for some time as a single node, applying all updates, before adding further nodes into a cluster.
So, in that case, if I join a 2nd and 3rd node to an up to date 1st node how do the last 2 nodes update? Do they then go to Cisco and download their updates individually? Or does the first node supply the updates?
If I had all 3 nodes I would build as you suggest. However, with only 1 node just now my plan was to ship it to our DC, deploy it and then add the other nodes at a later date.
Thank you for any further input, Stuart.
If you only have a single node now....
Note: You do run into a risk that a "New" Release will come out between the time Node1 is installed and the time Node 2 & Node 3 arrive. Remember that Node 2 & 3 MUST be the same version to be able to join a Cluster.
Cisco DNA Center High Availability Guide, Release 2.1.2
Cisco DNA Center Second-Generation Appliance Installation Guide, Release 2.1.2