升级您的参考配置文件 (RCF)
建议更改
PDF
当您的运行交换机上已安装了现有版本的 RCF 文件时,您需要升级 RCF 版本。
请确保您拥有以下物品:
-
交换机配置的当前备份。
-
一个功能齐全的集群(日志中没有错误或类似问题)。
-
当前的RCF。
-
如果您要更新 RCF 版本,则需要在 RCF 中进行启动配置,以反映所需的启动映像。
如果需要更改启动配置以反映当前的启动映像,则必须在重新应用 RCF 之前进行更改,以便在以后的重启中实例化正确的版本。
|
在此过程中不需要任何可操作的交换机间链路 (ISL)。这是设计使然,因为 RCF 版本的更改可能会暂时影响 ISL 连接。为确保集群运行不中断,以下步骤将所有集群 LIF 迁移到运行伙伴交换机,同时在目标交换机上执行相应步骤。 |
|
安装新的交换机软件版本和 RCF 之前,必须清除交换机设置并执行基本配置。您必须使用串行控制台连接到交换机,或者在擦除交换机设置之前保留基本配置信息。 |
第一步:准备升级
-
显示每个节点上连接到集群交换机的集群端口:
network device-discovery show显示示例
cluster1::*> network device-discovery show Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ---------------- ------------ cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3132Q-V e0d cs2 Ethernet1/7 N3K-C3132Q-V cluster1-02/cdp e0a cs1 Ethernet1/8 N3K-C3132Q-V e0d cs2 Ethernet1/8 N3K-C3132Q-V cluster1-03/cdp e0a cs1 Ethernet1/1/1 N3K-C3132Q-V e0b cs2 Ethernet1/1/1 N3K-C3132Q-V cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3132Q-V e0b cs2 Ethernet1/1/2 N3K-C3132Q-V cluster1::*> -
检查每个集群端口的管理和运行状态。
-
确认集群所有端口均已启动且状态正常:
network port show -ipspace Cluster显示示例
cluster1::*> network port show -ipspace Cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false 8 entries were displayed. Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false cluster1::*> -
确认所有集群接口(LIF)都位于主端口上:
network interface show -vserver Cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ----------------- ------------ ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
确认集群显示两个集群交换机的信息:
system cluster-switch show -is-monitoring-enabled-operational true显示示例
cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- --------------- cs1 cluster-network 10.0.0.1 NX3132QV Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.0.0.2 NX3132QV Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
对于ONTAP 9.8 及更高版本,请使用以下命令 system switch ethernet show -is-monitoring-enabled-operational true。 -
-
禁用集群 LIF 的自动回滚功能。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert false
运行此命令后,请确保禁用自动还原功能。
步骤 2:配置端口
-
在集群交换机 cs2 上,关闭连接到节点集群端口的端口。
cs2> enable cs2# configure cs2(config)# interface eth1/1/1-2,eth1/7-8 cs2(config-if-range)# shutdown cs2(config-if-range)# exit cs2# exit
显示的端口数量取决于集群中的节点数量。 -
验证集群端口是否已故障转移到集群交换机 cs1 上托管的端口。这可能需要几秒钟。
network interface show -vserver Cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ----------------- ---------- ------------------ ------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0a false cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0a false cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0a false cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0a false cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------ ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false cluster1::*>
-
如果您尚未保存当前交换机配置,请将以下命令的输出复制到文本文件中:
show running-config -
记录当前运行配置和正在使用的 RCF 文件之间的任何自定义添加。
确保配置以下内容:
-
用户名和密码
-
管理 IP 地址
-
默认网关
-
交换机名称
-
-
保存基本配置详细信息 `write_erase.cfg`启动闪存上的文件。
升级或应用新的 RCF 时,必须清除交换机设置并执行基本配置。您必须连接到交换机串行控制台端口才能重新设置交换机。 cs2# show run | section "switchname" > bootflash:write_erase.cfgcs2# show run | section "hostname" >> bootflash:write_erase.cfgcs2# show run | i "username admin password" >> bootflash:write_erase.cfgcs2# show run | section "vrf context management" >> bootflash:write_erase.cfgcs2# show run | section "interface mgmt0" >> bootflash:write_erase.cfg -
升级到 RCF 版本 1.12 及更高版本时,请运行以下命令:
cs2# echo "hardware access-list tcam region vpc-convergence 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region racl 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region e-racl 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region qos 256" >> bootflash:write_erase.cfg请参阅知识库文章 "如何在保持远程连接的情况下清除Cisco互连交换机上的配置"更多详情请见下文。
-
确认 `write_erase.cfg`文件已按预期填充:
show file bootflash:write_erase.cfg -
问题 `write erase`清除当前已保存配置的命令:
cs2# write eraseWarning: This command will erase the startup-configuration.Do you wish to proceed anyway? (y/n) [n] y -
将之前保存的基本配置复制到启动配置中。
cs2# copy bootflash:write_erase.cfg startup-config -
重启交换机:
cs2# reloadThis command will reboot the system. (y/n)? [n] y -
管理 IP 地址恢复正常后,通过 SSH 登录交换机。
您可能需要更新与 SSH 密钥相关的 hosts 文件条目。
-
使用以下传输协议之一将 RCF 复制到交换机 cs2 的 bootflash:FTP、TFTP、SFTP 或 SCP。有关Cisco命令的更多信息,请参阅相应的指南。"Cisco Nexus 3000 系列 NX-OS 命令参考"指南。
显示示例
cs2# copy tftp: bootflash: vrf management Enter source filename: Nexus_3132QV_RCF_v1.6-Cluster-HA-Breakout.txt Enter hostname for the tftp server: 172.22.201.50 Trying to connect to tftp server......Connection to Server Established. TFTP get operation was successful Copy complete, now saving to disk (please wait)...
-
将之前下载的 RCF 文件应用到启动闪存中。
有关Cisco命令的更多信息,请参阅 "Cisco Nexus 3000 系列 NX-OS 命令参考"指南。
显示示例
cs2# copy Nexus_3132QV_RCF_v1.6-Cluster-HA-Breakout.txt running-config echo-commands
请务必仔细阅读 RCF 的 安装说明、重要说明 和 横幅 部分。您必须阅读并遵循这些说明以确保交换机的正确配置和操作。
-
请确认 RCF 文件是否为最新版本:
show running-config检查输出结果以验证是否拥有正确的 RCF 时,请确保以下信息正确:
-
RCF横幅
-
节点和端口设置
-
定制
输出结果会根据您的网站配置而有所不同。检查端口设置,并参考发行说明,了解您安装的 RCF 版本是否有任何特定更改。
有关如何在 RCF 升级后使 10GbE 端口联机的步骤,请参阅知识库文章"Cisco 3132Q 集群交换机上的 10GbE 端口无法联机"。 -
-
验证 RCF 版本和开关设置正确后,复制 `running-config`文件到 `startup-config`文件。
有关Cisco命令的更多信息,请参阅相应的指南。"Cisco Nexus 3000 系列 NX-OS 命令参考"指南。
显示示例
cs2# copy running-config startup-config [########################################] 100% Copy complete
-
重启交换机cs2。您可以忽略交换机重启期间节点上报告的“集群端口关闭”事件和错误。 `% Invalid command at '^' marker`输出。
cs2# reload This command will reboot the system. (y/n)? [n] y
-
将之前对交换机配置所做的任何自定义设置重新应用。请参阅"审查布线和配置注意事项"有关任何后续变更的详细信息。
-
检查集群上集群端口的运行状况。
-
确认集群中所有节点的集群端口均已启动且运行状况良好:
network port show -ipspace Cluster显示示例
cluster1::*> network port show -ipspace Cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false -
从集群中验证交换机的运行状况。
network device-discovery show -protocol cdp显示示例
cluster1::*> network device-discovery show -protocol cdp Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ----------------- -------- cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3132Q-V e0d cs2 Ethernet1/7 N3K-C3132Q-V cluster01-2/cdp e0a cs1 Ethernet1/8 N3K-C3132Q-V e0d cs2 Ethernet1/8 N3K-C3132Q-V cluster01-3/cdp e0a cs1 Ethernet1/1/1 N3K-C3132Q-V e0b cs2 Ethernet1/1/1 N3K-C3132Q-V cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3132Q-V e0b cs2 Ethernet1/1/2 N3K-C3132Q-V cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- ----- cs1 cluster-network 10.233.205.90 N3K-C3132Q-V Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.91 N3K-C3132Q-V Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
对于ONTAP 9.8 及更高版本,请使用以下命令 system switch ethernet show -is-monitoring-enabled-operational true。
根据交换机上先前加载的 RCF 版本,您可能会在 cs1 交换机控制台上看到以下输出:
2020 Nov 17 16:07:18 cs1 %$ VDC-1 %$ %STP-2-UNBLOCK_CONSIST_PORT: Unblocking port port-channel1 on VLAN0092. Port consistency restored. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_PEER: Blocking port-channel1 on VLAN0001. Inconsistent peer vlan. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_LOCAL: Blocking port-channel1 on VLAN0092. Inconsistent local vlan.+
集群节点最多可能需要 5 分钟才能报告为健康状态。 -
-
在集群交换机 cs1 上,关闭连接到节点集群端口的端口。
显示示例
cs1> enable cs1# configure cs1(config)# interface eth1/1/1-2,eth1/7-8 cs1(config-if-range)# shutdown cs1(config-if-range)# exit cs1# exit
显示的端口数量取决于集群中的节点数量。 -
确认集群 LIF 已迁移到交换机 cs2 上托管的端口。这可能需要几秒钟。
network interface show -vserver Cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d false cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d false cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b false cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b false cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- -------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false 4 entries were displayed. cluster1::*>
-
在交换机 cs1 上重复步骤 1 至 19。
-
启用集群 LIF 的自动回滚功能。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert True
-
重启交换机cs1。这样做是为了触发集群 LIF 恢复到它们的源端口。交换机重启期间,您可以忽略节点上报告的“集群端口关闭”事件。
cs1# reload This command will reboot the system. (y/n)? [n] y
步骤 3:验证配置
-
确认连接到集群端口的交换机端口已开启。
show interface brief | grep up显示示例
cs1# show interface brief | grep up . . Eth1/1/1 1 eth access up none 10G(D) -- Eth1/1/2 1 eth access up none 10G(D) -- Eth1/7 1 eth trunk up none 100G(D) -- Eth1/8 1 eth trunk up none 100G(D) -- . .
-
验证 cs1 和 cs2 之间的 ISL 连接是否正常:
show port-channel summary显示示例
cs1# show port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended r - Module-removed b - BFD Session Wait S - Switched R - Routed U - Up (port-channel) p - Up in delay-lacp mode (member) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 1 Po1(SU) Eth LACP Eth1/31(P) Eth1/32(P) cs1# -
验证集群 LIF 是否已恢复到其主端口:
network interface show -vserver Cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false cluster1::*>
-
验证远程集群接口的连接性:
你可以使用 `network interface check cluster-connectivity`执行命令以启动集群连接性检查,然后显示详细信息:
network interface check cluster-connectivity start`和 `network interface check cluster-connectivity show
cluster1::*> network interface check cluster-connectivity start
*注意:*运行 show 命令显示详细信息之前,请等待几秒钟。
cluster1::*> network interface check cluster-connectivity show
Source Destination Packet
Node Date LIF LIF Loss
------ -------------------------- ------------------- ------------------- -----------
cluster1-01
3/5/2022 19:21:18 -06:00 cluster1-01_clus2 cluster1-02_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-01_clus2 cluster1-02_clus2 none
cluster1-02
3/5/2022 19:21:18 -06:00 cluster1-02_clus2 cluster1-01_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-02_clus2 cluster1-01_clus2 none
对于所有ONTAP版本,您也可以使用 `cluster ping-cluster -node <name>`检查连接性的命令:
cluster ping-cluster -node <name>
cluster1::*> cluster ping-cluster -node local
Host is cluster1-02
Getting addresses from network interface table...
Cluster cluster1-01_clus1 169.254.209.69 cluster1-01 e0a
Cluster cluster1-01_clus2 169.254.49.125 cluster1-01 e0b
Cluster cluster1-02_clus1 169.254.47.194 cluster1-02 e0a
Cluster cluster1-02_clus2 169.254.19.183 cluster1-02 e0b
Local = 169.254.47.194 169.254.19.183
Remote = 169.254.209.69 169.254.49.125
Cluster Vserver Id = 4294967293
Ping status: ......
Basic connectivity succeeds on 4 path(s)
Basic connectivity fails on 0 path(s)
................
Detected 9000 byte MTU on 4 path(s):
Local 169.254.19.183 to Remote 169.254.209.69
Local 169.254.19.183 to Remote 169.254.49.125
Local 169.254.47.194 to Remote 169.254.209.69
Local 169.254.47.194 to Remote 169.254.49.125
Larger than PMTU communication succeeds on 4 path(s)
RPC status:
2 paths up, 0 paths down (tcp check)
2 paths up, 0 paths down (udp check)
升级 RCF 后,您"验证 SSH 配置"。