Cisco ACI – Reset a ACI Spine/Leaf Switch to default

Login via SSH or Console to the switch

Make sure that there is an image on the leaf/spine

leaf01# dir /bootflash/aci-n9000*
/bootflash/aci-n9000-dk9.11.0.2j.bin

Make sure that this image is used as bootvar

leaf01# cat /mnt/cfg/0/boot/grub/menu.lst.local
boot aci-n9000-dk9.11.0.2j.bin
leaf01# cat /mnt/cfg/1/boot/grub/menu.lst.local
boot aci-n9000-dk9.11.0.2j.bin

If this Image is not set as bootvar, there is a script for that 🙂

leaf01# setup-bootvars.sh aci-n9000-dk9.11.0.2j.bin

After the check you can reset the switch

leaf01# setup-clean-config.sh aci-n9000-dk9.11.0.2j.bin
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
In progress
Done

Just reload the switch

leaf01# reload
This command will reload the chassis, Proceed (y/n)? [n]: y

After this process you can rejoin this Switch to the fabric

 

Cisco ACI – New Features in Release 1.1(2h)

Cisco just released the newest Cisco ACI Software called 1.1(2h).

Feature Description Guidelines and Restrictions
AES encryption for configuration files As of release 1.1(2), the secure properties of APIC configuration files can be encrypted by enabling AES-256 encryption. AES encryption is a global configuration option; all secure properties conform to the AES configuration setting. It is not possible to export just a portion of the ACI fabric such as a tenant configuration with AES encryption.
SCVMM clustering support You can now install the APIC SCVMM agent on a Highly Available System Center Virtual Machine Manager (SCVMM). None.
Windows Azure Pack with L3out support Windows Azure Pack tenants can now configure their networks to connect outside of the fabric. This is done by establishing a security contract to L3ExtOut for both incoming and outgoing traffic.

See the Cisco ACI Virtualization Guide for more information.
None.
ACI Optimizer After entering your network requirements in an Optimizer Config Template, the ACI Optimizer tells you how many leafs you will need for your network and suggests how to deploy each application and external EPG on each leaf without violating any constraints. Also, after entering your existing topology in an Optimizer Config Template, the ACI Optimizer helps you determine if you have what you need, if you are exceeding any limitations, and suggests how to deploy each application and external EPG on each leaf. When using the ACI Optimizer, Scale constraints may be violated if the given topology is not enough.
VMware vSphere 6.0 support ACI now supports VMware vCenter 6.0. 

See the Cisco ACI Virtualization Guide for more information.
The vCenter 6.0 feature of vMotion across a vCenter/datacenter is not supported.

Definitly notable is the VMware vSphere 6.0 support!

Source:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/release/notes/apic_rn_112h.html

Link to the Software:
https://software.cisco.com/download/release.html?mdfid=285968390&softwareid=286278832&release=1.1(2h)&relind=null&rellifecycle=null&reltype=null&i=rn

Cisco ACI – The new and nice GUI way to Upgrade your ACI Fabric

Some time ago i posted how to do a upgrade of your ACI Fabric through CLI.
Cisco made this process now way easier, with some cool new features.

In this short guide i used the current ACI release 1.1(1o), that you can grab directly from cisco here.

Upload the Firmware to the APIC

You can now upload directly through your browser, no longer the need for a SCP/FTP Server!

Upload the new Firmware to the ACI

Just select the file from you computer, that’s it!

Select the new Firmware from your Computer

Upload both files, the Controller and Switch Firmware:
Controller – aci-apic-dk9.1.1.1o.iso
Switches – aci-n9000-dk9.11.1.1o.bin

Upgrade of the APIC Controllers

You can now start with the upgrade of your APIC Controllers.

Start the ACI controller upgradeSelect to which version you want to upgrade

 

Select the new version here and ‘Apply now’ the Update will start immediately.

Upgrade of the Nexus 9000 Spine and Leaf switches

After the upgrade of the controllers is finished, you can start with the switches.
In production you got properly more than one Firmware Group or you split them in another way (Maintenance Windows A/B), but i kept it simple in my lab and made just two (Leaf/Spine).

Select the version to use for your spine switches

Select to upgrade your spine switches now

You can just trigger the upgrade one and now with the ‘Upgrade Now’ option!

Same apply for my other group.

Select the version to use for your leaf switchesSelect to upgrade your leaf switches now

That’s it! You just upgraded your ACI Fabric with success and this time easier and faster!

Cisco ACI – AVS Upgrade through CLI

Frist grab the release from the cisco page here

Then put it through scp from you Download place to the ESX Server

scp CiscoAVS_1.5-5.2.1.SV3.1.5-pkg.zip root@10.32.5.150:/tmp
Password:
CiscoAVS_1.5-5.2.1.SV3.1.5-pkg.zip 100% 35MB 806.2KB/s 00:45

Next you Login to the ESX through SSH and check the current version

~ # vemcmd show version
VEM Version: 5.2.1.3.1.3.0-3.2.1
System Version: VMware ESXi 5.5.0 Releasebuild-2068190
ESX Version Update Level: 0

Then i unzipped the archives and upgraded the vib

cd /tmp/
unzip CiscoAVS_1.5-5.2.1.SV3.1.5-pkg.zip
unzip CiscoAVS_1.5-5.2.1.SV3.1.5.zip
cd ~
esxcli software vib update -v /tmp/CiscoAVS_1.5-5.2.1.SV3.1.5/cross_cisco-vem-v197-5.2.1.3.1.5.0-3.2.1.vib --maintenance-mode

And thats it, i’m now running the new AVS Version

~ # vemcmd show version
VEM Version: 5.2.1.3.1.5.0-3.2.1
OpFlex SDK Version: 1.1(1j)
System Version: VMware ESXi 5.5.0 Releasebuild-2068190
ESX Version Update Level: 2

Sublime – Use Control+W to delete Word to the left

I’m a pretty big fan of Sublime Text (v3), will blog more about my setup details. But this morning i really missed the Control+W to delete the first word on the left side, so i found this Solution:

Sublime Text -> Preferences -> Key Bindings – User:

[
{ "keys": ["ctrl+w"], "command": "delete_word", "args": {"forward": false, "sub_words": true}},
]

An that’s it, you can now delete words with Control+W 🙂

 

FTP Server under Mac OS X

Today a colleague of mine (Thanks Alex Passfall) showed me a simple ftp server under mac:

pip2 install twisted # if not already
sudo twistd -n ftp -p 21 -r Downloads

After that you can access all the files in the specified directory through ftp. Awesome stuff!


aci-lab-as01#copy ftp://10.32.32.184/file.lic .
Destination filename [file.lic]?
Accessing ftp://10.32.32.184/file.lic...
Loading file.lic !
[OK - 814/4096 bytes]

814 bytes copied in 0.084 secs (9690 bytes/sec)

Thanks @Samuel Heinrich for spell checking 😉

Cisco Prime Infrastructure – Update from 2.1 to 2.2

 Overview

I did the Upgrade from Prime Infrastructure 2.1 to Prime Infrastructure 2.2 last week for one of our customers. Unfortunately this upgrade isn’t possible ‘in place’, you have to install a new Prime Infrastructure 2.2 Server and then import your old configuration.

As described in the Prime Infrastructure 2.2 Quickstart Guide you have to be on one of the following versions that the backup can be used in 2.2:

  • Cisco Prime Infrastructure 2.1.2 (with the UBF patch)
  • Cisco Prime Infrastructure 2.1.1 (with the UBF patch)
  • Cisco Prime Infrastructure 2.1.0.0.87
  • Cisco Prime Infrastructure 1.4.2
  • Cisco Prime Infrastructure 1.4.1
  • Cisco Prime Infrastructure 1.4.0.45

Luckily we were on 2.1.0.0.87, so it wasn’t necessary to do a minor upgrade first.

  (more…)

Cisco WLC – IOS Based WLC AP Count through SNMP (5760, 3850, 3650)

I had a hard time to find the correct OID and ended with doing a snmpwalk and try to find the right OID with a grep…
But i think i made it 🙂

Crosschecked on 2 5760 Clusters and i got the correct count on both, also tried to reboot some APs and the count seems correct to me.
Note: I use 3.6.1 so maybe you get a different result with another software version.

1.3.6.1.4.1.9.9.999999.1.1.1.11.0

Interesting is that i found two other OIDs that report the same value.

1.3.6.1.4.1.9.9.999999.1.1.1.17.0
1.3.6.1.4.1.9.9.999999.1.1.1.18.0

Cisco ACS – Patch Install error (% Manifest file not found in the bundle)

I’m sure that it’s not the first time i felt for this …
Tried to install a ACS Patch this morning and got an error:
% Manifest file not found in the bundle

First i used the wrong command:
patch install 5-4-0-46-5.tar.gpg FTP

ACS01/admin# patch install 5-4-0-46-5.tar.gpg FTP
Save the current ADE-OS running configuration? (yes/no) [yes] ?
Generating configuration...
Saved the ADE-OS running configuration to startup successfully
Initiating Application Patch installation...
% Manifest file not found in the bundle

Easy solution, use the right command! 🙂
acs patch install 5-4-0-46-5.tar.gpg repository FTP

ACS01/admin# acs patch install 5-4-0-46-5.tar.gpg repository FTP
Installing ACS patch requires a restart of ACS services. Continue?  (yes/no) yes
Calculating disk size for /opt/CSCOacs/patches
Total size of patch files are 1079 M.
Max Size defined for patch files are 1000 M.
WARNING: Patch of size 1079 M exceeds the allowed quota of 1000 M.
This will not prohibit patch installation process as long as there is enough disk space.
Please note that this indicates you should consider moving ACS to a higher disk space machine
Stopping ACS.
Stopping Management and View...............................................................
Stopping Runtime.........................
Stopping Database.....
Stopping Ntpd....
Cleanup..
Stopping log forwarding .....
Installing patch version '5.4.0.46.5'
Installing ADE-OS 1.2 patch.  Please wait...
Decompressing patch files 5.4.0.46.5 ...
About to install files
Removing old war
Removing old war
Removing old war
Removing old war
Removing old war
Removing old war
Removing old war
Removing old war
Removing old war
/opt/CSCOacs/patches/5-4-0-46-5
Patch '5-4-0-46-5' version '5.4.0.46.5' successfully installed
Starting ACS ....

To verify that ACS processes are running, use the
'show application status acs' command.