升级参考配置文件(RCF)
建议更改
PDF
如果操作交换机上安装了现有版本的RCF文件、则可以升级RCF版本。
确保您已具备以下条件:
-
交换机配置的当前备份。
-
一个完全正常运行的集群(日志中没有错误或类似问题)。
-
当前的RC框架。
-
如果要更新RC框架 版本、则需要在RCIF中配置一个能够反映所需启动映像的启动配置。
如果您需要更改启动配置以反映当前启动映像,则必须在重新应用 RCF 之前进行更改,以便在将来重新启动时实例化正确的版本。
|
在此操作步骤 期间、不需要可操作的交换机间链路(ISL)。这是设计上的原因、因为RCF版本更改可能会暂时影响ISL连接。为了确保集群无中断运行、以下操作步骤 会在对目标交换机执行步骤时将所有集群LIF迁移到运行中的配对交换机。 |
|
在安装新的交换机软件版本和 RCF 之前,您必须擦除交换机设置并执行基本配置。您必须使用串行控制台连接到交换机、或者在擦除交换机设置之前保留了基本配置信息。 |
第1步:准备升级
-
显示连接到集群交换机的每个节点上的集群端口:
network device-discovery show显示示例
cluster1::*> network device-discovery show Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ---------------- ------------ cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3132Q-V e0d cs2 Ethernet1/7 N3K-C3132Q-V cluster1-02/cdp e0a cs1 Ethernet1/8 N3K-C3132Q-V e0d cs2 Ethernet1/8 N3K-C3132Q-V cluster1-03/cdp e0a cs1 Ethernet1/1/1 N3K-C3132Q-V e0b cs2 Ethernet1/1/1 N3K-C3132Q-V cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3132Q-V e0b cs2 Ethernet1/1/2 N3K-C3132Q-V cluster1::*> -
检查每个集群端口的管理和运行状态。
-
验证所有集群端口是否均已启动且状态正常:
network port show -ipspace cluster显示示例
cluster1::*> network port show -ipspace Cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false 8 entries were displayed. Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false cluster1::*> -
验证所有集群接口( LIF )是否均位于主端口上:
network interface show -vserver cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ----------------- ------------ ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
验证集群是否同时显示两个集群交换机的信息:
ssystem cluster-switch show -is-monitoring-enableed-Operational true显示示例
cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- --------------- cs1 cluster-network 10.0.0.1 NX3132QV Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.0.0.2 NX3132QV Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
对于ONTAP 9.8及更高版本、请使用命令 system switch ethernet show -is-monitoring-enabled-operational true。 -
-
在集群 LIF 上禁用自动还原。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert false
确保在运行此命令后禁用自动还原。
第2步:配置端口
-
在集群交换机 CS2 上,关闭连接到节点集群端口的端口。
cs2> enable cs2# configure cs2(config)# interface eth1/1/1-2,eth1/7-8 cs2(config-if-range)# shutdown cs2(config-if-range)# exit cs2# exit
显示的端口数量根据集群中的节点数量而变化。 -
验证集群端口是否已故障转移到集群交换机 cs1 上托管的端口。这可能需要几秒钟。
network interface show -vserver cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ----------------- ---------- ------------------ ------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0a false cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0a false cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0a false cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0a false cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------ ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false cluster1::*>
-
如果尚未保存当前交换机配置的副本、请将以下命令的输出复制到文本文件中:
s如何运行配置 -
记录当前运行配置和正在使用的 RCF 文件之间的任何自定义添加。
确保配置以下内容:
-
用户名和密码
-
管理 IP 地址
-
默认网关
-
交换机名称
-
-
将基本配置详细信息保存到 `write_erase.cfg`bootflash 上的文件。
升级或应用新的 RCF 时,必须清除交换机设置并执行基本配置。您必须连接到交换机串行控制台端口才能重新设置交换机。 cs2# show run | section "switchname" > bootflash:write_erase.cfgcs2# show run | section "hostname" >> bootflash:write_erase.cfgcs2# show run | i "username admin password" >> bootflash:write_erase.cfgcs2# show run | section "vrf context management" >> bootflash:write_erase.cfgcs2# show run | section "interface mgmt0" >> bootflash:write_erase.cfg -
升级到 RCF 版本 1.12 及更高版本时,请运行以下命令:
cs2# echo "hardware access-list tcam region vpc-convergence 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region racl 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region e-racl 256" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region qos 256" >> bootflash:write_erase.cfg请参阅知识库文章 "如何在保持远程连接的同时清除Cisco互连交换机上的配置"了解更多详情。
-
验证 `write_erase.cfg`文件按预期填充:
show file bootflash:write_erase.cfg -
发出 `write erase`命令来删除当前保存的配置:
cs2# write eraseWarning: This command will erase the startup-configuration.Do you wish to proceed anyway? (y/n) [n] y -
将先前保存的基本配置复制到启动配置中。
cs2# copy bootflash:write_erase.cfg startup-config -
重新启动交换机:
cs2# reloadThis command will reboot the system. (y/n)? [n] y -
再次访问管理IP地址后、通过SSH登录到交换机。
您可能需要更新与SSH密钥相关的主机文件条目。
-
使用以下传输协议之一将 RCF 复制到交换机 cs2 的 bootflash:FTP、TFTP、SFTP 或 SCP。有关Cisco命令的更多信息,请参阅"《 Cisco Nexus 3000 系列 NX-OS 命令参考》"指南。
显示示例
cs2# copy tftp: bootflash: vrf management Enter source filename: Nexus_3132QV_RCF_v1.6-Cluster-HA-Breakout.txt Enter hostname for the tftp server: 172.22.201.50 Trying to connect to tftp server......Connection to Server Established. TFTP get operation was successful Copy complete, now saving to disk (please wait)...
-
将先前下载的 RCF 应用于 bootflash 。
有关 Cisco 命令的详细信息,请参见中的相应指南 "《 Cisco Nexus 3000 系列 NX-OS 命令参考》" 指南。
显示示例
cs2# copy Nexus_3132QV_RCF_v1.6-Cluster-HA-Breakout.txt running-config echo-commands
请务必仔细阅读 RCF 的 安装说明、重要说明 和 横幅 部分。您必须阅读并遵循这些说明以确保交换机的正确配置和操作。
-
验证 RCF 文件是否为正确的较新版本:
s如何运行配置在检查输出以确认您的 RCF 正确无误时,请确保以下信息正确无误:
-
RCF 横幅
-
节点和端口设置
-
自定义
输出因站点配置而异。检查端口设置,并参阅发行说明,了解您安装的 RCF 的任何特定更改。
有关如何在 RCF 升级后使 10GbE 端口联机的步骤,请参阅知识库文章"Cisco 3132Q集群交换机上的10GbE端口未联机"。 -
-
验证 RCF 版本和开关设置正确后,复制 `running-config`文件到 `startup-config`文件。
有关Cisco命令的更多信息,请参阅"《 Cisco Nexus 3000 系列 NX-OS 命令参考》"指南。
显示示例
cs2# copy running-config startup-config [########################################] 100% Copy complete
-
重新启动交换机 CS2 。您可以忽略交换机重新启动时节点上报告的"集群端口关闭"事件以及错误
% Invalid command at '^' marker输出。cs2# reload This command will reboot the system. (y/n)? [n] y
-
将先前的所有自定义设置重新应用于交换机配置。"查看布线和配置注意事项"有关所需的任何进一步更改的详细信息、请参见。
-
验证集群上集群端口的运行状况。
-
验证集群中所有节点上的集群端口是否均已启动且运行正常:
network port show -ipspace cluster显示示例
cluster1::*> network port show -ipspace Cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false -
从集群验证交换机运行状况。
network device-discovery show -protocol cdp显示示例
cluster1::*> network device-discovery show -protocol cdp Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ----------------- -------- cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3132Q-V e0d cs2 Ethernet1/7 N3K-C3132Q-V cluster01-2/cdp e0a cs1 Ethernet1/8 N3K-C3132Q-V e0d cs2 Ethernet1/8 N3K-C3132Q-V cluster01-3/cdp e0a cs1 Ethernet1/1/1 N3K-C3132Q-V e0b cs2 Ethernet1/1/1 N3K-C3132Q-V cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3132Q-V e0b cs2 Ethernet1/1/2 N3K-C3132Q-V cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- ----- cs1 cluster-network 10.233.205.90 N3K-C3132Q-V Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.91 N3K-C3132Q-V Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
对于ONTAP 9.8及更高版本、请使用命令 system switch ethernet show -is-monitoring-enabled-operational true。
根据先前加载在 CS1 交换机控制台上的 RCF 版本,您可能会在该交换机控制台上看到以下输出。
2020 Nov 17 16:07:18 cs1 %$ VDC-1 %$ %STP-2-UNBLOCK_CONSIST_PORT: Unblocking port port-channel1 on VLAN0092. Port consistency restored. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_PEER: Blocking port-channel1 on VLAN0001. Inconsistent peer vlan. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_LOCAL: Blocking port-channel1 on VLAN0092. Inconsistent local vlan.+
集群节点报告运行状况可能需要长达5分钟的时间。 -
-
在集群交换机 CS1 上,关闭连接到节点集群端口的端口。
显示示例
cs1> enable cs1# configure cs1(config)# interface eth1/1/1-2,eth1/7-8 cs1(config-if-range)# shutdown cs1(config-if-range)# exit cs1# exit
显示的端口数量根据集群中的节点数量而变化。 -
验证集群 LIF 是否已迁移到交换机 CS2 上托管的端口。这可能需要几秒钟的时间。
network interface show -vserver cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d false cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d false cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b false cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b false cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- -------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false 4 entries were displayed. cluster1::*>
-
在交换机 cs1 上重复步骤 1 至 19。
-
在集群 LIF 上启用自动还原。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert True
-
重新启动交换机 CS1 。执行此操作可触发集群 LIF 还原到其主端口。您可以忽略交换机重新启动时在节点上报告的 " 集群端口关闭 " 事件。
cs1# reload This command will reboot the system. (y/n)? [n] y
第3步:验证配置
-
验证连接到集群端口的交换机端口是否已启动。
show interface brief | grep up显示示例
cs1# show interface brief | grep up . . Eth1/1/1 1 eth access up none 10G(D) -- Eth1/1/2 1 eth access up none 10G(D) -- Eth1/7 1 eth trunk up none 100G(D) -- Eth1/8 1 eth trunk up none 100G(D) -- . .
-
验证 CS1 和 CS2 之间的 ISL 是否正常运行:
s如何执行端口通道摘要显示示例
cs1# show port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended r - Module-removed b - BFD Session Wait S - Switched R - Routed U - Up (port-channel) p - Up in delay-lacp mode (member) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 1 Po1(SU) Eth LACP Eth1/31(P) Eth1/32(P) cs1# -
验证集群 LIF 是否已恢复到其主端口:
network interface show -vserver cluster显示示例
cluster1::*> network interface show -vserver Cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false cluster1::*>
-
验证远程集群接口的连接:
您可以使用 network interface check cluster-connectivity 命令启动集群连接的可访问性检查、然后显示详细信息:
network interface check cluster-connectivity start 和 network interface check cluster-connectivity show
cluster1::*> network interface check cluster-connectivity start
*注:*请等待几秒钟、然后再运行show命令显示详细信息。
cluster1::*> network interface check cluster-connectivity show
Source Destination Packet
Node Date LIF LIF Loss
------ -------------------------- ------------------- ------------------- -----------
cluster1-01
3/5/2022 19:21:18 -06:00 cluster1-01_clus2 cluster1-02_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-01_clus2 cluster1-02_clus2 none
cluster1-02
3/5/2022 19:21:18 -06:00 cluster1-02_clus2 cluster1-01_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-02_clus2 cluster1-01_clus2 none
对于所有ONTAP版本、您还可以使用 cluster ping-cluster -node <name> 用于检查连接的命令:
cluster ping-cluster -node <name>
cluster1::*> cluster ping-cluster -node local
Host is cluster1-02
Getting addresses from network interface table...
Cluster cluster1-01_clus1 169.254.209.69 cluster1-01 e0a
Cluster cluster1-01_clus2 169.254.49.125 cluster1-01 e0b
Cluster cluster1-02_clus1 169.254.47.194 cluster1-02 e0a
Cluster cluster1-02_clus2 169.254.19.183 cluster1-02 e0b
Local = 169.254.47.194 169.254.19.183
Remote = 169.254.209.69 169.254.49.125
Cluster Vserver Id = 4294967293
Ping status: ......
Basic connectivity succeeds on 4 path(s)
Basic connectivity fails on 0 path(s)
................
Detected 9000 byte MTU on 4 path(s):
Local 169.254.19.183 to Remote 169.254.209.69
Local 169.254.19.183 to Remote 169.254.49.125
Local 169.254.47.194 to Remote 169.254.209.69
Local 169.254.47.194 to Remote 169.254.49.125
Larger than PMTU communication succeeds on 4 path(s)
RPC status:
2 paths up, 0 paths down (tcp check)
2 paths up, 0 paths down (udp check)
升级 RCF 后,您"验证 SSH 配置"。