升级参考配置文件(RCF)
建议更改
PDF
如果操作交换机上安装了现有版本的RCF文件、则可以升级RCF版本。
确保您已具备以下条件:
-
交换机配置的当前备份。
-
一个完全正常运行的集群(日志中没有错误或类似问题)。
-
当前的RC框架。
-
如果要更新RC框架 版本、则需要在RCIF中配置一个能够反映所需启动映像的启动配置。
如果您需要更改启动配置以反映当前启动映像,则必须在重新应用 RCF 之前进行更改,以便在将来重新启动时实例化正确的版本。
|
在此操作步骤 期间、不需要可操作的交换机间链路(ISL)。这是设计上的原因、因为RCF版本更改可能会暂时影响ISL连接。为了确保集群无中断运行、以下操作步骤 会在对目标交换机执行步骤时将所有集群LIF迁移到运行中的配对交换机。 |
|
在安装新的交换机软件版本和 RCF 之前,您必须擦除交换机设置并执行基本配置。您必须使用串行控制台连接到交换机、或者在擦除交换机设置之前保留了基本配置信息。 |
第1步:准备升级
-
显示连接到集群交换机的每个节点上的集群端口:
network device-discovery show显示示例
cluster1::*> network device-discovery show Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ---------------- -------- cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3232C e0d cs2 Ethernet1/7 N3K-C3232C cluster1-02/cdp e0a cs1 Ethernet1/8 N3K-C3232C e0d cs2 Ethernet1/8 N3K-C3232C cluster1-03/cdp e0a cs1 Ethernet1/1/1 N3K-C3232C e0b cs2 Ethernet1/1/1 N3K-C3232C cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3232C e0b cs2 Ethernet1/1/2 N3K-C3232C cluster1::*> -
检查每个集群端口的管理和运行状态。
-
验证所有集群端口是否均已启动且状态正常:
network port show –role cluster显示示例
cluster1::*> network port show -role cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false 8 entries were displayed. Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false cluster1::*> -
验证所有集群接口( LIF )是否均位于主端口上:
network interface show -role cluster显示示例
cluster1::*> network interface show -role cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ----------------- ------------ ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true 8 entries were displayed. cluster1::*> -
验证集群是否同时显示两个集群交换机的信息:
ssystem cluster-switch show -is-monitoring-enableed-Operational true
显示示例
cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- --------------- cs1 cluster-network 10.233.205.92 NX3232C Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.93 NX3232C Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed. -
-
在集群 LIF 上禁用自动还原。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert false
第2步:配置端口
-
在集群交换机 CS2 上,关闭连接到节点集群端口的端口。
cs2> enable cs2# configure cs2(config)# interface eth1/1/1-2,eth1/7-8 cs2(config-if-range)# shutdown cs2(config-if-range)# exit cs2# exit
确保关闭*所有*连接的集群端口以避免出现任何网络连接问题。 "在交换机操作系统升级期间迁移集群LIF时、节点丢失仲裁"有关详细信息、请参见知识库文章。 -
验证集群端口是否已故障转移到集群交换机 cs1 上托管的端口。这可能需要几秒钟。
network interface show -role cluster显示示例
cluster1::*> network interface show -role cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ----------------- ---------- ------------------ ------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0a true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0a false cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0a true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0a false cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0a true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0a false cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0a true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0a false 8 entries were displayed. cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------ ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false 4 entries were displayed. cluster1::*>
-
如果尚未保存当前交换机配置的副本、请将以下命令的输出复制到文本文件中:
s如何运行配置 -
记录当前之间的任何自定义添加 `running-config`以及正在使用的 RCF 文件(例如您组织的 SNMP 配置)。
-
将基本配置详细信息保存到 `write_erase.cfg`bootflash 上的文件。
确保配置以下内容:* 用户名和密码* 管理 IP 地址* 默认网关* 交换机名称
cs2# show run | section "switchname" > bootflash:write_erase.cfgcs2# show run | section "hostname" >> bootflash:write_erase.cfgcs2# show run | i "username admin password" >> bootflash:write_erase.cfgcs2# show run | section "vrf context management" >> bootflash:write_erase.cfgcs2# show run | section "interface mgmt0" >> bootflash:write_erase.cfg -
升级到 RCF 版本 1.12 及更高版本时,请运行以下命令:
cs2# echo "hardware access-list tcam region racl-lite 512" >> bootflash:write_erase.cfgcs2# echo "hardware access-list tcam region qos 256" >> bootflash:write_erase.cfg请参阅知识库文章 "如何在保持远程连接的同时清除Cisco互连交换机上的配置"了解更多详情。
-
验证 `write_erase.cfg`文件按预期填充:
show file bootflash:write_erase.cfg -
发出 `write erase`命令来删除当前保存的配置:
cs2# write eraseWarning: This command will erase the startup-configuration.Do you wish to proceed anyway? (y/n) [n] y -
将先前保存的基本配置复制到启动配置中。
cs2# copy bootflash:write_erase.cfg startup-config -
重新启动交换机cs2:
cs2# reloadThis command will reboot the system. (y/n)? [n] y -
再次访问管理IP地址后、通过SSH登录到交换机。
您可能需要更新与SSH密钥相关的主机文件条目。
-
使用以下传输协议之一将 RCF 复制到交换机 cs2 的 bootflash:FTP、TFTP、SFTP 或 SCP。有关Cisco命令的更多信息,请参阅 "《 Cisco Nexus 3000 系列 NX-OS 命令参考》"指南。
显示示例
此示例显示了使用 TFTP 将 RCF 复制到交换机 CS2 上的 bootflash 。
cs2# copy tftp: bootflash: vrf management Enter source filename: Nexus_3232C_RCF_v1.6-Cluster-HA-Breakout.txt Enter hostname for the tftp server: 172.22.201.50 Trying to connect to tftp server......Connection to Server Established. TFTP get operation was successful Copy complete, now saving to disk (please wait)...
-
将先前下载的 RCF 应用于 bootflash 。
有关 Cisco 命令的详细信息,请参见中的相应指南 "《 Cisco Nexus 3000 系列 NX-OS 命令参考》" 指南。
显示示例
此示例显示了正在交换机 CS2 上安装的 RCF 文件
Nexus 3232C_RCF_v1.6-Cluster-HA-Breakout 。 txt:cs2# copy Nexus_3232C_RCF_v1.6-Cluster-HA-Breakout.txt running-config echo-commands
请务必仔细阅读 RCF 的 安装说明、重要说明 和 横幅 部分。您必须阅读并遵循这些说明以确保交换机的正确配置和操作。
-
验证 RCF 文件是否为正确的较新版本:
s如何运行配置在检查输出以确认您的 RCF 正确无误时,请确保以下信息正确无误:
-
RCF 横幅
-
节点和端口设置
-
自定义
输出因站点配置而异。检查端口设置,并参阅发行说明,了解您安装的 RCF 的任何特定更改。
-
-
将先前的所有自定义设置重新应用于交换机配置。"查看布线和配置注意事项"有关所需的任何进一步更改的详细信息、请参见。
-
验证 RCF 版本和交换机设置是否正确后,将 running-config 文件复制到 startup-config 文件。
有关 Cisco 命令的详细信息,请参见中的相应指南 "《 Cisco Nexus 3000 系列 NX-OS 命令参考》" 指南。
cs2# copy running-config startup-config [########################################] 100% Copy complete
-
重新启动交换机 CS2 。您可以忽略交换机重新启动时在节点上报告的 " 集群端口关闭 " 事件。
cs2# reload This command will reboot the system. (y/n)? [n] y
-
验证集群上集群端口的运行状况。
-
验证集群中所有节点上的 e0d 端口是否均已启动且运行正常:
network port show -role cluster显示示例
cluster1::*> network port show -role cluster Node: cluster1-01 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-02 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: cluster1-03 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: cluster1-04 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false 8 entries were displayed. -
从集群验证交换机运行状况(此操作可能不会显示交换机 CS2 ,因为 LIF 不驻留在 e0d 上)。
显示示例
cluster1::*> network device-discovery show -protocol cdp Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ----------------- -------- cluster1-01/cdp e0a cs1 Ethernet1/7 N3K-C3232C e0d cs2 Ethernet1/7 N3K-C3232C cluster01-2/cdp e0a cs1 Ethernet1/8 N3K-C3232C e0d cs2 Ethernet1/8 N3K-C3232C cluster01-3/cdp e0a cs1 Ethernet1/1/1 N3K-C3232C e0b cs2 Ethernet1/1/1 N3K-C3232C cluster1-04/cdp e0a cs1 Ethernet1/1/2 N3K-C3232C e0b cs2 Ethernet1/1/2 N3K-C3232C cluster1::*> system cluster-switch show -is-monitoring-enabled-operational true Switch Type Address Model --------------------------- ------------------ ---------------- ----- cs1 cluster-network 10.233.205.90 N3K-C3232C Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.91 N3K-C3232C Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
根据交换机上先前加载的 RCF 版本,您可能会在 cs1 交换机控制台上观察到以下输出 2020 年 11 月 17 日 16:07:18 cs1 %$ VDC-1 %$ %STP-2-UNBLOCK_CONSIST_PORT:解除 VLAN0092 上的端口 port-channel1 的阻塞。端口一致性已恢复。 2020 年 11 月 17 日 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_PEER:阻塞 VLAN0001 上的端口通道 1。对等 VLAN 不一致。 2020 年 11 月 17 日 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_LOCAL:阻塞 VLAN0092 上的端口通道 1。本地vlan不一致。
集群节点报告运行状况可能需要长达5分钟的时间。 -
-
在集群交换机 CS1 上,关闭连接到节点集群端口的端口。
显示示例
以下示例使用步骤 1 中的接口示例输出:
cs1(config)# interface eth1/1/1-2,eth1/7-8 cs1(config-if-range)# shutdown
-
验证集群 LIF 是否已迁移到交换机 CS2 上托管的端口。这可能需要几秒钟的时间。
network interface show -role cluster显示示例
cluster1::*> network interface show -role cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d false cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d false cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b false cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b false cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true 8 entries were displayed. cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- -------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false 4 entries were displayed. cluster1::*>
-
在交换机 cs1 上重复步骤 4 至 19。
-
在集群 LIF 上启用自动还原。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert true
第3步:验证集群网络配置和集群运行状况
-
验证连接到集群端口的交换机端口是否为*已启动*。
show interface brief | grep up显示示例
cs1# show interface brief | grep up . . Eth1/1/1 1 eth access up none 10G(D) -- Eth1/1/2 1 eth access up none 10G(D) -- Eth1/7 1 eth trunk up none 100G(D) -- Eth1/8 1 eth trunk up none 100G(D) -- . .
-
验证 CS1 和 CS2 之间的 ISL 是否正常运行:
s如何执行端口通道摘要显示示例
cs1# show port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended r - Module-removed b - BFD Session Wait S - Switched R - Routed U - Up (port-channel) p - Up in delay-lacp mode (member) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 1 Po1(SU) Eth LACP Eth1/31(P) Eth1/32(P) cs1# -
验证集群 LIF 是否已还原到其主端口:
network interface show -role cluster显示示例
cluster1::*> network interface show -role cluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ------------------ ------------------- ------- ---- Cluster cluster1-01_clus1 up/up 169.254.3.4/23 cluster1-01 e0d true cluster1-01_clus2 up/up 169.254.3.5/23 cluster1-01 e0d true cluster1-02_clus1 up/up 169.254.3.8/23 cluster1-02 e0d true cluster1-02_clus2 up/up 169.254.3.9/23 cluster1-02 e0d true cluster1-03_clus1 up/up 169.254.1.3/23 cluster1-03 e0b true cluster1-03_clus2 up/up 169.254.1.1/23 cluster1-03 e0b true cluster1-04_clus1 up/up 169.254.1.6/23 cluster1-04 e0b true cluster1-04_clus2 up/up 169.254.1.7/23 cluster1-04 e0b true 8 entries were displayed. cluster1::*>如果任何集群LIF未返回到其主端口、请手动还原它们:
network interface revert -vserver vserver_name -lif lif_name -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> cluster show Node Health Eligibility Epsilon -------------------- ------- ------------- ------- cluster1-01 true true false cluster1-02 true true false cluster1-03 true true true cluster1-04 true true false 4 entries were displayed. cluster1::*>
-
验证远程集群接口的连接:
您可以使用 network interface check cluster-connectivity`命令启动集群连接性的可访问性检查,然后显示详细信息:
`network interface check cluster-connectivity start`和 `network interface check cluster-connectivity show
cluster1::*> network interface check cluster-connectivity start
*注:*请等待几秒钟、然后再运行 `show`命令以显示详细信息。
cluster1::*> network interface check cluster-connectivity show
Source Destination Packet
Node Date LIF LIF Loss
------ -------------------------- ------------------- ------------------- -----------
cluster1-01
3/5/2022 19:21:18 -06:00 cluster1-01_clus2 cluster1-02_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-01_clus2 cluster1-02_clus2 none
.
.
cluster1-02
3/5/2022 19:21:18 -06:00 cluster1-02_clus2 cluster1-01_clus1 none
3/5/2022 19:21:20 -06:00 cluster1-02_clus2 cluster1-01_clus2 none
.
.
cluster1-03
.
.
.
.
cluster1-04
.
.
.
.
对于所有ONTAP版本,您还可以使用
cluster ping-cluster -node <name>`检查连接性的命令:
`cluster ping-cluster -node <name>
cluster1::*> cluster ping-cluster -node local
Host is cluster1-03
Getting addresses from network interface table...
Cluster cluster1-03_clus1 169.254.1.3 cluster1-03 e0a
Cluster cluster1-03_clus2 169.254.1.1 cluster1-03 e0b
Cluster cluster1-04_clus1 169.254.1.6 cluster1-04 e0a
Cluster cluster1-04_clus2 169.254.1.7 cluster1-04 e0b
Cluster cluster1-01_clus1 169.254.3.4 cluster1-01 e0a
Cluster cluster1-01_clus2 169.254.3.5 cluster1-01 e0d
Cluster cluster1-02_clus1 169.254.3.8 cluster1-02 e0a
Cluster cluster1-02_clus2 169.254.3.9 cluster1-02 e0d
Local = 169.254.1.3 169.254.1.1
Remote = 169.254.1.6 169.254.1.7 169.254.3.4 169.254.3.5 169.254.3.8 169.254.3.9
Cluster Vserver Id = 4294967293
Ping status:
............
Basic connectivity succeeds on 12 path(s)
Basic connectivity fails on 0 path(s)
................................................
Detected 9000 byte MTU on 12 path(s):
Local 169.254.1.3 to Remote 169.254.1.6
Local 169.254.1.3 to Remote 169.254.1.7
Local 169.254.1.3 to Remote 169.254.3.4
Local 169.254.1.3 to Remote 169.254.3.5
Local 169.254.1.3 to Remote 169.254.3.8
Local 169.254.1.3 to Remote 169.254.3.9
Local 169.254.1.1 to Remote 169.254.1.6
Local 169.254.1.1 to Remote 169.254.1.7
Local 169.254.1.1 to Remote 169.254.3.4
Local 169.254.1.1 to Remote 169.254.3.5
Local 169.254.1.1 to Remote 169.254.3.8
Local 169.254.1.1 to Remote 169.254.3.9
Larger than PMTU communication succeeds on 12 path(s)
RPC status:
6 paths up, 0 paths down (tcp check)
6 paths up, 0 paths down (udp check)
升级 RCF 后,您"验证 SSH 配置"。