Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
793
Views
4
Helpful
3
Replies

Scripted ISE install?

Go to solution
kkem07
Cisco Employee
Cisco Employee

‎10-11-2017 10:51 AM

 

Is there is a way to script the rebuild of the ISE environment so that they do not have to manually rebuild everything when doing a fresh install to get a clean database.

 

1 person had this problem
1 Accepted Solution

Accepted Solutions

Go to solution
Craig Hyps
Level 10
Level 10
In response to Arne Bier

‎10-12-2017 04:26 AM

This thread can take many turns (positive ones, actually), but this is not the proper forum to discuss what could be or coming.  I would suggest reaching out to account team for roadmap discussions and enhancement requests.  Short of it is that on this date in Oct 2017, there is no "sysprep" for ISE.   It is possible to have dormant ISE nodes that have fresh install up to setup phase, or even fully configured at ADE-OS level and ready to be registered into deployment.  This could be used to augment existing VM or even hardware-based deployment.

Craig

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Dustin Anderson
VIP Alumni
VIP Alumni

‎10-11-2017 11:22 AM

There is some stuff that can be exported, and re-imported, but not a lot.

What do you mean by a clean database? everything recreated in that version? Or, to remove the old logs?

If you are not sure about old entrys, you could purge the current data and do a backup, then rebuild and restore the backup. This should keep everything except the logs.

0 Helpful

Go to solution
Arne Bier
VIP
VIP

‎10-11-2017 04:21 PM

This is an excellent question.  I have written my own guides for rebuilding an ISE "cluster" from scratch (as part of my customer's requirement to have this disaster recovery process documented).  It's a very lengthy document and after many iterations I have honed the process down to the correct sequence.

It would be nice to be able to build such a system using some automation tools (chef/puppet/Ansible etc).  I don't think an ISE node should be immutable like your typical web server running in a Docker container that gets spun up for 10 seconds and then killed again.  But if you're building a lot of these nodes, then it gets a bit long in the tooth.  I am not a fan of cloning and exporting/importing configs to "speed up" the process because that brings too much baggage with it.  Clean, quick build from scratch and with automation - that's what we're hearing all the time from the SDN folks.  Maybe something like a kickstart install for ISE would be nice.  One can create a file offline with all the settings you want, and then during install (.iso) one feeds that file (via tftp or whatever).  Sit back and watch your ISE node be built.

I'll get off my cloud now ...

Go to solution
Craig Hyps
Level 10
Level 10
In response to Arne Bier

‎10-12-2017 04:26 AM

This thread can take many turns (positive ones, actually), but this is not the proper forum to discuss what could be or coming.  I would suggest reaching out to account team for roadmap discussions and enhancement requests.  Short of it is that on this date in Oct 2017, there is no "sysprep" for ISE.   It is possible to have dormant ISE nodes that have fresh install up to setup phase, or even fully configured at ADE-OS level and ready to be registered into deployment.  This could be used to augment existing VM or even hardware-based deployment.

Craig

0 Helpful
Customers Also Viewed These Support Documents