I did a upgrade of our ACI Lab Fabric last week and documented all the steps. The upgrade is really straightforward, but hopefully this guide still helps you 🙂
First you have to catch the desired Software, get them directly from cisco. You need APIC Release image for 1.0(3f) release (aci-apic-dk9.1.0.3f.iso) and the Cisco Nexus 9000 Series ACI Mode Switch Software Release 11.0(3f) (aci-n9000-dk9.11.0.3f.bin). Get them here:
Cisco ACI Version 1.0(3f)
I always check the MD5 sum, just to be sure that everything went right with my download.
1
2
|
$ md5 aci-apic-dk9.1.0.3f.iso
MD5 (aci-apic-dk9.1.0.3f.iso) = 6e747378ec4225ead0f27cb23aa54f02
|
Cisco ACI 1.0(3f) MD5 Hash
The MD5 hash looks right. Check the same for the Nexus 9000 Image!
Upgrade of the APIC Controllers
We start with the upgrade of the APIC Controller, all APIC Controllers of your Fabric have to be upgraded first.
I did the whole upgrade through CLI, it’s also possible with the GUI but i prefer the CLI way.
- Copy the Software to the APIC Controller
1
2
3
|
admin@aci-lab-apic01:~> scp richy@10.32.32.179:Downloads/aci-apic-dk9.1.0.3f.iso .
Password:
aci-apic-dk9.1.0.3f.iso 100% 3175MB 102.4MB/s 00:31
|
Hint: Maybe you need an additional ‘/’ after the ‘:’ like ‘user@host:/path’
Thanks @Jonas Walker for the information!
- Add the new firmware to the repository
1
2
|
admin@aci-lab-apic01:~> firmware add aci-apic-dk9.1.0.3f.iso
Firmware Image aci-apic-dk9.1.0.3f.iso is added to the repository
|
- After adding the new firmware, it’s “removed” from the upload directory
1
2
|
admin@aci-lab-apic01:~> ls
aci debug mit
|
- Wait a couple of seconds and you can now see the new added firmware in the repository
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
admin@aci-lab-apic01:~> firmware list
Name : aci-apic-dk9.1.0.3f.bin
Type : controller
Version : 1.0(3f)
Size(Bytes) : 3329372160
Release-Date : 2015-02-10T03:46:53.000+02:00
Download-Date : 2015-02-18T16:37:29.580+02:00
Name : aci-catalog-dk9.1.0.3f.bin
Type : catalog
Version : 1.0(3f)
Size(Bytes) : 18064
Release-Date : 2015-02-10T02:27:12.000+02:00
Download-Date : 2015-02-18T16:37:31.554+02:00
Name : aci-catalog-dk9.1.0.2j.bin
Type : catalog
Version : 1.0(2j)
Size(Bytes) : 17493
Release-Date : 2014-11-11T18:58:18.000+02:00
Download-Date : 2015-01-31T05:57:47.354+02:00
|
- Now you can start the controller upgrade, it’s automatically done on all APIC Controllers, one at a time
1
2
3
4
|
admin@aci-lab-apic01:~> firmware upgrade controllers aci-apic-dk9.1.0.3f.bin
Firmware Upgrade on Controllers has been scheduled.
The upgrade will be performed on one controller at a time in the background.
To check the upgrade status, use 'firmware upgrade status node <node-id>'
|
- Then you can check the status of the upgrade
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
admin@aci-lab-apic01:~> firmware upgrade status
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
<strong>1 controller 1.0(2j) apic-1.0(3f) inqueue 0</strong>
101 spine n9000-11.0(2j) notscheduled 0
111 leaf n9000-11.0(2j) notscheduled 0
112 leaf n9000-11.0(2j) notscheduled 0
Legend:
notscheduled - Upgrade has NOT been scheduled
scheduled - Upgrade has been scheduled at a future time
queued - Node is waiting for token from scheduler(permission to upgrade)
inprogress - Image installation is currently in progress on node
completeok - Upgrade successful
completenok - Upgrade failed
unknown - Node unreachable
|
1
2
3
4
5
6
7
|
admin@aci-lab-apic01:~> firmware upgrade status
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
<strong>1 controller 1.0(2j) apic-1.0(3f) inprogress 75
</strong>101 spine n9000-11.0(2j) notscheduled 0
111 leaf n9000-11.0(2j) notscheduled 0
112 leaf n9000-11.0(2j) notscheduled 0
|
- The Controllers do an automatic reboot, so if you just have one APIC in your Fabric, you definitely will be kicked off
1
2
3
4
5
|
admin@aci-lab-apic01:~>
Broadcast message from root@aci-lab-apic01
(unknown) at 15:47 ...
The system is going down for reboot NOW!
|
- As soon as the APIC Controller is back up you can check the firmware upgrade status
1
2
3
4
|
admin@aci-lab-apic01:~> firmware upgrade status node 1
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
1 controller apic-1.0(3f) apic-1.0(3f) completeok 100
|
Upgrade of the Nexus 9000 Spine and Leaf switches
After all the Fabric Controllers are updated, you can proceed to upgrade your Nexus 9000 Spine and Leaf Switches.
- Copy the Nexus 9000 Software to the APIC Controller
1
2
3
|
admin@aci-lab-apic01:~> scp richy@10.32.32.179:Downloads/aci-n9000-dk9.11.0.3f.bin .
Password:
aci-n9000-dk9.11.0.3f.bin 100% 495MB 99.1MB/s 00:05
|
- Also add the Nexus 9000 Software to the Firmware Repository
1
2
|
admin@aci-lab-apic01:~> firmware add aci-n9000-dk9.11.0.3f.bin
Firmware Image aci-n9000-dk9.11.0.3f.bin is added to the repository
|
- Check that the software was added succesfully to the repository
1
2
3
4
5
6
7
|
admin@aci-lab-apic01:~> firmware list
Name : aci-n9000-dk9.11.0.3f.bin
Type : switch
Version : 11.0(3f)
Size(Bytes) : 519376842
Release-Date : 2015-02-10T02:47:47.000+01:00
Download-Date : 2015-02-18T15:53:28.874+01:00
|
- You now can start the upgrade on the switches, in a production environment you should split the upgrade to make it undisruptive. As this is just my lab, i booted all the switches at the same time
1
2
3
4
5
6
7
8
9
10
11
|
admin@aci-lab-apic01:~> firmware upgrade switch node 101 aci-n9000-dk9.11.0.3f.bin
Firmware Installation on Switch Scheduled
To check the upgrade status, use 'firmware upgrade status node <node-id>'
admin@aci-lab-apic01:~> firmware upgrade switch node 111 aci-n9000-dk9.11.0.3f.bin
Firmware Installation on Switch Scheduled
To check the upgrade status, use 'firmware upgrade status node <node-id>'
admin@aci-lab-apic01:~> firmware upgrade switch node 112 aci-n9000-dk9.11.0.3f.bin
Firmware Installation on Switch Scheduled
To check the upgrade status, use 'firmware upgrade status node <node-id>'
|
- You can check the upgrade status with the same command here
1
2
3
4
5
6
7
|
admin@aci-lab-apic01:~> firmware upgrade status
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
1 controller apic-1.0(3f) apic-1.0(3f) completeok 100
101 spine n9000-11.0(2j) n9000-11.0(3f) inprogress 5
111 leaf n9000-11.0(2j) n9000-11.0(3f) inprogress 5
112 leaf n9000-11.0(2j) n9000-11.0(3f) inprogress 5
|
- The switches also do an automatic reboot after the upgrade
1
2
3
4
5
6
7
|
admin@aci-lab-apic01:~> firmware upgrade status
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
1 controller apic-1.0(3f) apic-1.0(3f) completeok 100
101 spine unknown unknown unknown unknown
111 leaf unknown unknown unknown unknown
112 leaf unknown unknown unknown unknown
|
- After all the switches booted, you should see them all with a status of “completeok”
1
2
3
4
5
6
7
|
admin@aci-lab-apic01:~> firmware upgrade status
Node-Id Role Current-Firmware Target-Firmware Upgrade-Status Progress-Percent(if inprogress)
----------------------------------------------------------------------------------------------------------------------
1 controller apic-1.0(3f) apic-1.0(3f) completeok 100
101 spine n9000-11.0(3f) n9000-11.0(3f) completeok 100
111 leaf n9000-11.0(3f) n9000-11.0(3f) completeok 100
112 leaf n9000-11.0(3f) n9000-11.0(3f) completeok 100
|
- Final check of the current software version
1
2
3
4
5
6
7
8
|
admin@aci-lab-apic01:~> show version
# Executing command: 'version'
node type node id node name version
---------- ------- --------------- --------------
controller 1 aci-lab-apic01 1.0(3f)
spine 101 aci-lab-spine01 n9000-11.0(3f)
leaf 111 aci-lab-leaf01 n9000-11.0(3f)
leaf 112 aci-lab-leaf02 n9000-11.0(3f)
|
That’s it! You just upgraded your ACI Fabric with success.