Using Echo Service to run Health Checks on pxGrid Cloud

The cloud apps that connect to ISE using pxGrid Cloud do not have a reliable mechanism to check if the end-to-end connection to ISE is intact as these apps connect to ISE via a cloud platform.
Thus, these apps can detect any issues in the connection between the app and the cloud platform but can’t detect if there is any connection issue between ISE and the cloud platform.

Echo service is available to developers from Cisco ISE Release 3.1. Echo service helps app developers test their solutions without having to subscribe to topics or installing required licenses for certain topics, such as Session Directory.

This Echo service can be used to run health checks to determine both pub-sub and API connectivity to ISE. As a developer, you can choose to include Echo Service in the scope of the app during onboarding to run periodic health checks to establish that the connectivity to ISE is not interrupted. Calling the Echo query and publishing APIs periodically checks if the end-to-end connection is intact.

For more details, see Cisco pxGrid Cloud SDK.

If an app does not receive a response for the Echo query or published APIs, it could mean that there is a problem with ISE. You could check for the following:

• ISE is up and running.
• ISE has had any persona changes. This could mean that pxGrid or pxGrid cloud configurations have gotten disabled on ISE.
• Echo Service is enabled in the pxGrid Cloud Policy window.
• Check the pxGrid Cloud Connection page to ensure that the connection between ISE and the cloud is intact.

If all the above are working fine, it could indicate a problem with the cloud platform.