Cisco Cisco Virtual Managed Services 1.02 Troubleshooting Guide
5. Network Services Orchestrator (NSO)
124
5.4 Operations
Start, Stop, Restart NSO
The NSO runs as a process under the host Linux OS and can be started, restarted and stopped using standard
Linux commands. In both Ubuntu and RedHat use the
Linux commands. In both Ubuntu and RedHat use the
service
command to run a System V init script under
/etc/init.d
.
E.g.
service ncs [start | restart | stop | status ]
SSL Certificates
The NSO runs two web services (HTTP/HTTPS) for the Zero Touch Deployment (PnP) service and the Day 0
configuration service. Although these servers can be run as plain HTTP, it is recommended to enable HTTPS
for both.
configuration service. Although these servers can be run as plain HTTP, it is recommended to enable HTTPS
for both.
For the PnP service, HTTPS is enabled in the
pnp
configuration section of the NSO as shown below.
admin@ncs-vm> show configuration pnp server
port 443;
use-ssl true;
port 443;
use-ssl true;
For the Day 0 service, HTTPS is enabled in the
day0
configuration section of the NSO as shown below:
admin@ncs-vm> show configuration day0
server {
server {
port 443;
use-ssl true; }
use-ssl true; }
The
/etc/ncs/ncs.conf
file defines where the required certificate files are located for SSL. By default, the
NSO will use the self-signed certificates found in
${NCS_CONFIG_DIR}/ssl/cert/
which translates to
/etc/ncs/ssl/cert
. For a production system, it is highly recommended that these certificates be replaced
by actual CA signed certificates.
ubuntu@NSO-vm:~$ ls -l /etc/ncs/ssl/cert/*2.*
-rw-r--r-- 1 root root 1822 Nov 26 11:32 /etc/ncs/ssl/cert/host2.ca-cert
-rw-r--r-- 1 root root 1822 Nov 26 11:32 /etc/ncs/ssl/cert/host2.cert
-rw-r--r-- 1 root root 1651 Nov 26 11:32 /etc/ncs/ssl/cert/host2.csr
-rw-r--r-- 1 root root 3243 Nov 26 11:32 /etc/ncs/ssl/cert/host2.key
-rw-r--r-- 1 root root 1822 Nov 26 11:32 /etc/ncs/ssl/cert/host2.ca-cert
-rw-r--r-- 1 root root 1822 Nov 26 11:32 /etc/ncs/ssl/cert/host2.cert
-rw-r--r-- 1 root root 1651 Nov 26 11:32 /etc/ncs/ssl/cert/host2.csr
-rw-r--r-- 1 root root 3243 Nov 26 11:32 /etc/ncs/ssl/cert/host2.key