简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。
安装参考配置文件(RCF)
贡献者
建议更改
PDF
首次设置 Nexus 92300YC 交换机后,您可以安装 RCF。您也可以使用此过程升级您的 RCF 版本。
请参阅知识库文章"如何在保持远程连接的情况下清除Cisco互连交换机上的配置"安装或升级 RCF 时,有关更多信息,请参阅以下内容。
关于此任务
本流程中的示例使用以下开关和节点命名规则:
-
这两台Cisco交换机的名称是:
cs1`和 `cs2。 -
节点名称是
node1`和 `node2。 -
集群 LIF 名称为
node1_clus1,node1_clus2,node2_clus1, 和node2_clus2。 -
这 `cluster1::*>`prompt 指示集群名称。
|
|
步骤
-
显示每个节点上连接到集群交换机的集群端口:
network device-discovery show显示示例
cluster1::*> *network device-discovery show* Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ---------------- ------------ node1/cdp e0a cs1 Ethernet1/1/1 N9K-C92300YC e0b cs2 Ethernet1/1/1 N9K-C92300YC node2/cdp e0a cs1 Ethernet1/1/2 N9K-C92300YC e0b cs2 Ethernet1/1/2 N9K-C92300YC cluster1::*> -
检查每个集群端口的管理和运行状态。
-
确认集群所有端口均已启动且状态正常:
network port show -ipspace Cluster显示示例
cluster1::*> *network port show -ipspace Cluster* Node: node1 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0c Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false Node: node2 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0c Cluster Cluster up 9000 auto/100000 healthy false e0d Cluster Cluster up 9000 auto/100000 healthy false cluster1::*> -
确认所有集群接口(LIF)都位于主端口上:
network interface show -vserver Cluster显示示例
cluster1::*> *network interface show -vserver Cluster* Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------------ ---------- ----------------- ------------ ------- ---- Cluster node1_clus1 up/up 169.254.3.4/23 node1 e0c true node1_clus2 up/up 169.254.3.5/23 node1 e0d true node2_clus1 up/up 169.254.3.8/23 node2 e0c true node2_clus2 up/up 169.254.3.9/23 node2 e0d true cluster1::*> -
确认集群显示两个集群交换机的信息:
system cluster-switch show -is-monitoring-enabled-operational true显示示例
cluster1::*> *system cluster-switch show -is-monitoring-enabled-operational true* Switch Type Address Model --------------------------- ------------------ ---------------- --------------- cs1 cluster-network 10.233.205.92 N9K-C92300YC Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.93 N9K-C92300YC Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
-
-
禁用集群 LIF 的自动回滚功能。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert false
-
在集群交换机 cs2 上,关闭连接到节点集群端口的端口。
cs2(config)# interface e1/1-64 cs2(config-if-range)# shutdown
-
确认集群端口已迁移到集群交换机 cs1 上托管的端口。这可能需要几秒钟。
network interface show -vserver Cluster显示示例
cluster1::*> *network interface show -vserver Cluster* Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ----------------- ---------- ------------------ ------------- ------- ---- Cluster node1_clus1 up/up 169.254.3.4/23 node1 e0c true node1_clus2 up/up 169.254.3.5/23 node1 e0c false node2_clus1 up/up 169.254.3.8/23 node2 e0c true node2_clus2 up/up 169.254.3.9/23 node2 e0c false cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> *cluster show* Node Health Eligibility Epsilon -------------- ------- ------------ ------- node1 true true false node2 true true false cluster1::*>
-
如果您尚未保存当前交换机配置,请将以下命令的输出复制到文本文件中:
show running-config -
清除交换机 cs2 上的配置并执行基本设置。
更新或应用新的 RCF 时,必须清除交换机设置并执行基本配置。您必须连接到交换机串行控制台端口才能重新设置交换机。 -
清除配置:
显示示例
(cs2)# write erase Warning: This command will erase the startup-configuration. Do you wish to proceed anyway? (y/n) [n] y
-
重启交换机:
显示示例
(cs2)# reload Are you sure you would like to reset the system? (y/n) y
-
-
使用以下传输协议之一将 RCF 复制到交换机 cs2 的 bootflash:FTP、TFTP、SFTP 或 SCP。有关Cisco命令的更多信息,请参阅 "CiscoNexus 9000 系列交换机"指南。
此示例展示了如何使用 TFTP 将 RCF 文件复制到交换机 cs2 的启动闪存中:
cs2# copy tftp: bootflash: vrf management Enter source filename: /code/Nexus_92300YC_RCF_v1.0.2.txt Enter hostname for the tftp server: 172.19.2.1 Enter username: user1 Outbound-ReKey for 172.19.2.1:22 Inbound-ReKey for 172.19.2.1:22 user1@172.19.2.1's password: tftp> progress Progress meter enabled tftp> get /code/Nexus_92300YC_RCF_v1.0.2.txt /bootflash/nxos.9.2.2.bin /code/Nexus_92300YC_R 100% 9687 530.2KB/s 00:00 tftp> exit Copy complete, now saving to disk (please wait)... Copy complete.
-
将之前下载的 RCF 文件应用到启动闪存中。
有关Cisco命令的更多信息,请参阅 "CiscoNexus 9000 系列交换机"指南。
此示例展示了 RCF 文件 `Nexus_92300YC_RCF_v1.0.2.txt`正在交换机 cs2 上安装:
cs2# copy Nexus_92300YC_RCF_v1.0.2.txt running-config echo-commands Disabling ssh: as its enabled right now: generating ecdsa key(521 bits)...... generated ecdsa key Enabling ssh: as it has been disabled this command enables edge port type (portfast) by default on all interfaces. You should now disable edge port type (portfast) explicitly on switched ports leading to hubs, switches and bridges as they may create temporary bridging loops. Edge port type (portfast) should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when edge port type (portfast) is enabled, can cause temporary bridging loops. Use with CAUTION Edge Port Type (Portfast) has been configured on Ethernet1/1 but will only have effect when the interface is in a non-trunking mode. ... Copy complete, now saving to disk (please wait)... Copy complete.
-
在交换机上验证 RCF 是否已成功合并:
show running-configcs2# show running-config !Command: show running-config !Running configuration last done at: Wed Apr 10 06:32:27 2019 !Time: Wed Apr 10 06:36:00 2019 version 9.2(2) Bios:version 05.33 switchname cs2 vdc cs2 id 1 limit-resource vlan minimum 16 maximum 4094 limit-resource vrf minimum 2 maximum 4096 limit-resource port-channel minimum 0 maximum 511 limit-resource u4route-mem minimum 248 maximum 248 limit-resource u6route-mem minimum 96 maximum 96 limit-resource m4route-mem minimum 58 maximum 58 limit-resource m6route-mem minimum 8 maximum 8 feature lacp no password strength-check username admin password 5 $5$HY9Kk3F9$YdCZ8iQJ1RtoiEFa0sKP5IO/LNG1k9C4lSJfi5kesl 6 role network-admin ssh key ecdsa 521 banner motd # * * * Nexus 92300YC Reference Configuration File (RCF) v1.0.2 (10-19-2018) * * * * Ports 1/1 - 1/48: 10GbE Intra-Cluster Node Ports * * Ports 1/49 - 1/64: 40/100GbE Intra-Cluster Node Ports * * Ports 1/65 - 1/66: 40/100GbE Intra-Cluster ISL Ports * * *
|
|
首次应用 RCF 时,出现 错误:写入 VSH 命令失败 消息是正常的,可以忽略。 |
-
验证RCF文件是否为正确的新版本:
show running-config检查输出结果以验证是否拥有正确的 RCF 时,请确保以下信息正确:
-
RCF横幅
-
节点和端口设置
-
定制
输出结果会根据您的网站配置而有所不同。检查端口设置,并参考发行说明,了解您安装的 RCF 版本是否有任何特定更改。
-
-
将之前对交换机配置所做的任何自定义设置重新应用。请参阅"审查布线和配置注意事项"有关任何后续变更的详细信息。
-
确认 RCF 版本和交换机设置正确后,将运行配置文件复制到启动配置文件。
有关Cisco命令的更多信息,请参阅 "CiscoNexus 9000 系列交换机"指南。
cs2# copy running-config startup-config [] 100% Copy complete
-
重启交换机cs2。交换机重启期间,您可以忽略节点上报告的“集群端口关闭”事件。
cs2# reload This command will reboot the system. (y/n)? [n] y
-
检查集群上集群端口的运行状况。
-
验证集群中所有节点的 e0d 端口是否已启动且运行状况良好:
network port show -ipspace Cluster显示示例
cluster1::*> *network port show -ipspace Cluster* Node: node1 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false Node: node2 Ignore Speed(Mbps) Health Health Port IPspace Broadcast Domain Link MTU Admin/Oper Status Status --------- ------------ ---------------- ---- ---- ----------- -------- ------ e0a Cluster Cluster up 9000 auto/10000 healthy false e0b Cluster Cluster up 9000 auto/10000 healthy false -
从集群验证交换机的健康状况(这可能不会显示交换机 cs2,因为 LIF 没有归位到 e0d)。
显示示例
cluster1::*> *network device-discovery show -protocol cdp* Node/ Local Discovered Protocol Port Device (LLDP: ChassisID) Interface Platform ----------- ------ ------------------------- ----------------- ------------ node1/cdp e0a cs1 Ethernet1/1 N9K-C92300YC e0b cs2 Ethernet1/1 N9K-C92300YC node2/cdp e0a cs1 Ethernet1/2 N9K-C92300YC e0b cs2 Ethernet1/2 N9K-C92300YC cluster1::*> *system cluster-switch show -is-monitoring-enabled-operational true* Switch Type Address Model --------------------------- ------------------ ---------------- ------------ cs1 cluster-network 10.233.205.90 N9K-C92300YC Serial Number: FOXXXXXXXGD Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP cs2 cluster-network 10.233.205.91 N9K-C92300YC Serial Number: FOXXXXXXXGS Is Monitored: true Reason: None Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(4) Version Source: CDP 2 entries were displayed.
根据交换机上先前加载的 RCF 版本,您可能会在 cs1 交换机控制台上观察到以下输出。
2020 Nov 17 16:07:18 cs1 %$ VDC-1 %$ %STP-2-UNBLOCK_CONSIST_PORT: Unblocking port port-channel1 on VLAN0092. Port consistency restored. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_PEER: Blocking port-channel1 on VLAN0001. Inconsistent peer vlan. 2020 Nov 17 16:07:23 cs1 %$ VDC-1 %$ %STP-2-BLOCK_PVID_LOCAL: Blocking port-channel1 on VLAN0092. Inconsistent local vlan.
-
-
在集群交换机 cs1 上,关闭连接到节点集群端口的端口。
以下示例使用步骤 1 中的接口示例输出:
cs1(config)# interface e1/1-64 cs1(config-if-range)# shutdown
-
确认集群 LIF 已迁移到交换机 cs2 上托管的端口。这可能需要几秒钟。
network interface show -vserver Cluster显示示例
cluster1::*> *network interface show -vserver Cluster* Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ---------------- ---------- ------------------ ----------------- ------- ---- Cluster node1_clus1 up/up 169.254.3.4/23 node1 e0d false node1_clus2 up/up 169.254.3.5/23 node1 e0d true node2_clus1 up/up 169.254.3.8/23 node2 e0d false node2_clus2 up/up 169.254.3.9/23 node2 e0d true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> *cluster show* Node Health Eligibility Epsilon -------------- -------- ------------- ------- node1 true true false node2 true true false cluster1::*>
-
在交换机 cs1 上重复步骤 7 至 14。
-
启用集群 LIF 的自动回滚功能。
cluster1::*> network interface modify -vserver Cluster -lif * -auto-revert True
-
重启交换机cs1。这样做是为了触发集群 LIF 恢复到它们的源端口。交换机重启期间,您可以忽略节点上报告的“集群端口关闭”事件。
cs1# reload This command will reboot the system. (y/n)? [n] y
-
确认连接到集群端口的交换机端口已开启。
cs1# show interface brief | grep up . . Ethernet1/1 1 eth access up none 10G(D) -- Ethernet1/2 1 eth access up none 10G(D) -- Ethernet1/3 1 eth trunk up none 100G(D) -- Ethernet1/4 1 eth trunk up none 100G(D) -- . .
-
验证 cs1 和 cs2 之间的 ISL 连接是否正常:
show port-channel summary显示示例
cs1# *show port-channel summary* Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended r - Module-removed b - BFD Session Wait S - Switched R - Routed U - Up (port-channel) p - Up in delay-lacp mode (member) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 1 Po1(SU) Eth LACP Eth1/65(P) Eth1/66(P) cs1# -
确认集群 LIF 已恢复到其原端口:
network interface show -vserver Cluster显示示例
cluster1::*> *network interface show -vserver Cluster* Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ------------- ---------- ------------------ ------------- ------- ---- Cluster node1_clus1 up/up 169.254.3.4/23 node1 e0d true node1_clus2 up/up 169.254.3.5/23 node1 e0d true node2_clus1 up/up 169.254.3.8/23 node2 e0d true node2_clus2 up/up 169.254.3.9/23 node2 e0d true cluster1::*> -
验证集群是否运行正常:
cluster show显示示例
cluster1::*> *cluster show* Node Health Eligibility Epsilon -------------- ------- ------------- ------- node1 true true false node2 true true false
-
验证远程集群接口的连接性:
ONTAP 9.9.1 及更高版本
你可以使用 `network interface check cluster-connectivity`执行命令以启动集群连接性检查,然后显示详细信息:
network interface check cluster-connectivity start`和 `network interface check cluster-connectivity show
cluster1::*> network interface check cluster-connectivity start
*注意:*运行程序前请等待几秒钟 `show`显示详细信息的命令。
cluster1::*> network interface check cluster-connectivity show
Source Destination Packet
Node Date LIF LIF Loss
------ -------------------------- ---------------- ---------------- -----------
node1
3/5/2022 19:21:18 -06:00 node1_clus2 node2-clus1 none
3/5/2022 19:21:20 -06:00 node1_clus2 node2_clus2 none
node2
3/5/2022 19:21:18 -06:00 node2_clus2 node1_clus1 none
3/5/2022 19:21:20 -06:00 node2_clus2 node1_clus2 none
所有ONTAP版本
对于所有ONTAP版本,您也可以使用 `cluster ping-cluster -node <name>`检查连接性的命令:
cluster ping-cluster -node <name>
cluster1::*> cluster ping-cluster -node local
Host is node1
Getting addresses from network interface table...
Cluster node1_clus1 169.254.3.4 node1 e0a
Cluster node1_clus2 169.254.3.5 node1 e0b
Cluster node2_clus1 169.254.3.8 node2 e0a
Cluster node2_clus2 169.254.3.9 node2 e0b
Local = 169.254.1.3 169.254.1.1
Remote = 169.254.1.6 169.254.1.7 169.254.3.4 169.254.3.5 169.254.3.8 169.254.3.9
Cluster Vserver Id = 4294967293
Ping status:
............
Basic connectivity succeeds on 12 path(s)
Basic connectivity fails on 0 path(s)
................................................
Detected 9000 byte MTU on 12 path(s):
Local 169.254.1.3 to Remote 169.254.1.6
Local 169.254.1.3 to Remote 169.254.1.7
Local 169.254.1.3 to Remote 169.254.3.4
Local 169.254.1.3 to Remote 169.254.3.5
Local 169.254.1.3 to Remote 169.254.3.8
Local 169.254.1.3 to Remote 169.254.3.9
Local 169.254.1.1 to Remote 169.254.1.6
Local 169.254.1.1 to Remote 169.254.1.7
Local 169.254.1.1 to Remote 169.254.3.4
Local 169.254.1.1 to Remote 169.254.3.5
Local 169.254.1.1 to Remote 169.254.3.8
Local 169.254.1.1 to Remote 169.254.3.9
Larger than PMTU communication succeeds on 12 path(s)
RPC status:
6 paths up, 0 paths down (tcp check)
6 paths up, 0 paths down (udp check)
下一步是什么?
安装完 RCF 后,您可以…… "验证 SSH 配置"。