Contents


Installation and Upgrade Guide

Legal notice

Contents

About this document

Part I. Getting started

1. Before you begin

NSP deployment overview

Where do I start?

NSP deployment terms and concepts

Deployment scenarios

NSP HA and DR support

Workflow to deploy model-driven management

Workflow to deploy model-driven and classic management

Workflow to deploy resource control

Workflow to deploy the Simulation tool

2. NSP disk setup and partitioning

NSP disk deployment

Introduction

To deploy an NSP RHEL qcow2 disk image

To configure disk partitions using device UUIDs

To apply the VMware cloud-init workaround

To configure and mount an NSP disk partition

Disk partitioning for trial deployments

Trial partitioning requirements, NSP deployer host and cluster VMs

Trial partitioning requirements, additional NSP components

Trial partitioning requirements, NFM-P components

Disk partitioning for live deployments

Live partitioning requirements, NSP deployer host and cluster VMs

Live partitioning requirements, additional NSP components

Live partitioning requirements, NFM-P components

3. RHEL OS deployment for the NSP

NSP RHEL OS deployment

Introduction

To apply a RHEL update to an NSP image-based OS

Manual NSP RHEL OS installation

Manually installing the RHEL OS for the NSP

Workflow for manual NSP RHEL OS installation

Required RHEL OS packages for NSP container elements

Required RHEL OS packages for ancillary NSP components

RHEL OS packages to remove from NSP container elements

RHEL OS packages to remove from ancillary components

Special OS requirements

Required additional OS packages, NFM-P single-user client or client delegate server

Optional RHEL OS packages

To lock the RHEL OS version

To apply the RHEL 8 swappiness workaround

To verify the rngd service startup

To enable the NSP crypto-policy function on a manually installed RHEL OS

To set the default Python version

To create the nsp user on a manually installed NSP cluster RHEL OS

To disable the RHEL firewalld service

To set the default umask to 0027

To disable RHEL user namespaces

4. Configuring NSP security

NSP security introduction

NSP user accounts

HTTPS Strict-Transport Security (HSTS)

NSP user authentication

Overview

NSP user authentication functions

NSP user activity logging

NSP Transport Layer Security (TLS)

Implementation and requirements

Configuring TLS for the NSP

NSP TLS configuration

To generate custom TLS certificate files for the NSP

To configure and enable a PKI server

To migrate to a PKI server

To reset the OpenSearch security configuration

To enable or disable TLS on an NSP auxiliary database

To enable TLS communication with the NFM-P using the NFM-P certificate

To suppress security warnings in NSP browser sessions

NFM-P TLS configuration

To configure an NFM-P main server to request a PKI-server TLS certificate

To configure an NFM-P auxiliary server to request a PKI-server TLS certificate

To disable TLS for NFM-P XML API clients

To enable TLS for NFM-P XML API clients

Part II. NSP system deployment

5. NSP deployment basics

NSP system elements

Introduction

Containerized NSP cluster

NSP deployment infrastructure

Kubernetes deployment environment

To upgrade the NSP Kubernetes environment

IP version support

Introduction

Addressing requirements

Using multiple NSP interfaces

Multi-interface configuration

Centralized logging

Introduction

NSP application log forwarding to OpenSearch

NSP application log forwarding to Elasticsearch

NSP application log forwarding to Splunk

NSP application log forwarding to syslog servers

NFM-P server log forwarding to syslog servers

NFM-P server log forwarding to OpenSearch

User activity log forwarding to syslog servers

6. NSP software configuration

NSP configuration file

Configuring database backups

Configuring single sign-on

Configuring LLDP link discovery

Configuring SROS

Configuring inventory synchronization and selectiveSync for path control

7. NSP system installation

Supported installation scenarios

Workflow for new NSP system deployment

To provision the network bridge for NSP VMs

To install the NSP

Workflow for independent NFM-P migration to a new NSP deployment

To migrate from an independent NFM-P system to an NSP cluster deployment

8. NSP system upgrade from Release 22.6 or earlier

Upgrading from Release 22.6 or earlier

Workflow for standalone NSP system upgrade from Release 22.6 or earlier

Workflow for DR NSP system upgrade from Release 22.6 or earlier

To back up the Release 22.3 NSP file service data

To prepare for an NSP system upgrade from Release 22.6 or earlier

To upgrade a Release 22.6 or earlier NSP cluster

9. NSP system upgrade from Release 22.9 or later

Upgrading from Release 22.9 or later

Workflow for standalone NSP system upgrade from Release 22.9 or later

Workflow for DR NSP system upgrade from Release 22.9 or later

To prepare for an NSP system upgrade from Release 22.9 or later

To upgrade a Release 22.9 or later NSP cluster

10. NSP system conversion

Supported NSP system conversions

To convert a standalone NSP system to DR

To enlarge an NSP deployment

To convert an IPv4 NSP system to an IPv6-enabled NSP system

To migrate from CAS to OAUTH2 NSP user authentication

Workflow for NSP system conversion to multi-interface

11. NSP system integration

Integrating other systems and the NSP

System integration support

NFM-P and NSP integration

To add an independent NFM-P to an existing NSP deployment

To enable NSP compatibility with an earlier NFM-P system

WS-NOC and NSP integration

To enable WS-NOC compatibility with an NSP system

To map external user groups to predefined WS-NOC roles

To integrate a containerized WS-NOC and the NSP

12. NSP system uninstallation

Introduction

Workflow to uninstall an NSP cluster

To uninstall the NSP software from an NSP cluster

To uninstall the NSP Kubernetes software

To uninstall the NSP Kubernetes registry

Part III. NSP component deployment

13. NSP component configuration

Configuring NSP component deployments

Common configuration elements

NSP hosts file

NSP RPM-based configuration file

NFM-P deployment configuration

NFM-P deployment requirements

NFM-P deployment restrictions

Configuring an NFM-P system deployment

To obtain the UUID of a station

Using hostnames in the management network

Deployment in a VM

Enabling FIPS security for NFM-P network management

Workflow for FIPS-enabled NFM-P discovery of a new device

Workflow for NE conversion to FIPS mode

GPG-signed RPM files

To verify the GPG keys

To verify Nokia RPM-file GPG signatures

GUI client deployment

To configure a GUI client login form to list multiple NFM-P systems

IGP topology data source configuration

Configuring the IGP topology data source

To change the IGP topology data source

14. NSP component installation

Installing NSP components

NSP component installation overview

NSP auxiliary database installation

Installing an NSP auxiliary database

NSP auxiliary database installation workflow

To prepare a station for NSP auxiliary database installation

To install the NSP auxiliary database software

To add an NSP auxiliary database to the NSP

To convert a standalone auxiliary database to geo-redundancy

NSP Flow Collector / Flow Collector Controller installation

To install NSP Flow Collectors and Flow Collector Controllers

WS-RC installation

To install the WS-RC

VSR-NRC installation

VSR-NRC installation overview

To commission the VSR-NRC for NSP management

NFM-P installation

Installing the NFM-P

NFM-P samconfig utility

Standalone NFM-P system installation

Standalone system installation workflow

To install a standalone NFM-P system

Redundant NFM-P system installation

Redundant system installation workflow

To install a redundant NFM-P system

Auxiliary server installation

Auxiliary server installation workflow

To install an NFM-P auxiliary server

To add auxiliary servers to an NFM-P system

NFM-P single-user GUI client installation

Installing an NFM-P single-user GUI client

To install an NFM-P single-user GUI client

NFM-P client delegate server installation

Installing an NFM-P client delegate server

To add a client delegate server to an NFM-P system

To install an NFM-P client delegate server

15. NSP component upgrade from Release 22.6 or earlier

Upgrading NSP components from Release 22.6 or earlier

Introduction

NSP analytics server migration from Release 22.6 or earlier

To migrate Release 22.6 or earlier analytics servers to an NSP cluster

NSP auxiliary database upgrade from Release 22.6 or earlier

Upgrading from Release 22.6 or earlier

To upgrade a standalone Release 22.6 or earlier auxiliary database

To upgrade a geo-redundant Release 22.6 or earlier auxiliary database

NSP Flow Collector and Flow Collector Controller upgrade from Release 22.6 or earlier

To upgrade Release 22.6 or earlier NSP Flow Collector Controllers and NSP Flow Collectors

NFM-P system upgrade from Release 22.6 or earlier

Release 22.6 or earlier NFM-P upgrade considerations

NFM-P system upgrade restrictions

General NFM-P Release 22.6 or earlier upgrade workflow

NFM-P Release 22.6 or earlier pre-upgrade procedures

To prepare for an NFM-P system upgrade from Release 22.6 or earlier

To prepare an SELinux-enabled Release 22.6 or earlier NFM-P system for an upgrade

Standalone NFM-P system upgrade from Release 22.6 or earlier

Workflow to upgrade a standalone Release 22.6 or earlier NFM-P system

To upgrade a standalone Release 22.6 or earlier NFM-P system

Redundant NFM-P system upgrade from Release 22.6 or earlier

Component references

Workflow to upgrade a redundant Release 22.6 or earlier NFM-P system

To upgrade a redundant Release 22.6 or earlier NFM-P system

Auxiliary server upgrade from Release 22.6 or earlier

To upgrade a Release 22.6 or earlier NFM-P auxiliary server

NFM-P single-user GUI client upgrade from Release 22.6 or earlier

Upgrading a Release 22.6 or earlier single-user GUI client

To upgrade a Release 22.6 or earlier NFM-P single-user GUI client

NFM-P client delegate server upgrade from Release 22.6 or earlier

Upgrading a Release 22.6 or earlier client delegate server

To upgrade a Release 22.6 or earlier NFM-P client delegate server

16. NSP component upgrade from Release 22.9 or later

Upgrading NSP components from Release 22.9 or later

Introduction

NSP analytics server migration from Release 22.9 or later

To migrate Release 22.9 or later analytics servers to an NSP cluster

NSP auxiliary database upgrade from Release 22.9 or later

To upgrade a standalone Release 22.9 or later auxiliary database

To upgrade a geo-redundant Release 22.9 or later auxiliary database

NSP Flow Collector and Flow Collector Controller upgrade from Release 22.9 or later

To upgrade Release 22.9 or later NSP Flow Collectors and Flow Collector Controllers

NFM-P system upgrade from Release 22.9 or later

Release 22.9 or later NFM-P upgrade considerations

NFM-P system upgrade restrictions

General NFM-P Release 22.9 or later upgrade workflow

NFM-P pre-upgrade procedures for Release 22.9 or later

To prepare for an NFM-P system upgrade from Release 22.9 or later

To prepare an SELinux-enabled NFM-P Release 22.9 or later system for an upgrade

Standalone NFM-P system upgrade from Release 22.9 or later

Workflow to upgrade a standalone Release 22.9 or later NFM-P system

To upgrade a standalone Release 22.9 or later NFM-P system

Redundant NFM-P system upgrade from Release 22.9 or later

Component references

Workflow to upgrade a redundant Release 22.9 or later NFM-P system

To upgrade a redundant Release 22.9 or later NFM-P system

Auxiliary server upgrade from Release 22.9 or later

To upgrade a Release 22.9 or later NFM-P auxiliary server

NFM-P single-user GUI client upgrade from Release 22.9 or later

Upgrading a Release 22.9 or later single-user GUI client

To upgrade a Release 22.9 or later NFM-P single-user GUI client

NFM-P client delegate server upgrade from Release 22.9 or later

Upgrading a Release 22.9 or later client delegate server

To upgrade a Release 22.9 or later NFM-P client delegate server

17. NSP component conversion

Converting NSP components

Introduction

NFM-P system conversion to IPv6

Converting an NFM-P system to IPv6

NFM-P conversion to IPv6 workflow

To perform the pre-conversion tasks

To convert a standalone NFM-P system to IPv6

To convert a redundant NFM-P system to IPv6

NFM-P system conversion to redundancy

Converting an NFM-P system to redundancy

System conversion to redundancy workflow

To convert a standalone NFM-P system to a redundant system

18. NSP component integration

Integrating NSP components

To integrate IP-optical coordination and path simulation

To add a WS-RC controller to IP-optical coordination

To install the NSP templates for NSP service management on the NFM-P

19. NSP component uninstallation

Uninstalling ancillary system components

To uninstall an NSP auxiliary database

To uninstall NSP Flow Collectors

To uninstall NSP Flow Collector Controllers

Uninstalling the NFM-P

NFM-P system uninstallation workflow

To uninstall a single-user GUI client

To uninstall a client delegate server

To uninstall an auxiliary server

To uninstall a collocated main server and database

To uninstall a distributed main server or main database

Appendix A. Removing world permissions from compiler executables

Resetting GCC-compiler file permissions

To remove world permissions from compiler executables

To restore compiler world permissions

Appendix B. NSP SSO configuration examples

LDAPS SSO configuration

Configuring LDAPS or secure AD

LDAPS configuration example

Secure AD configuration example

RADIUS SSO configuration

RADIUS configuration example

TACACS+ configuration examples

Configuring TACACS+ authentication