smart install tutorial and deployment - networklessons.com … · 2010-10-30 · smart install in...
TRANSCRIPT
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
Smart Install – Tutorial and Deployment
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 2
Agenda
Chapter 1 : SmartInstall Introduction
Chapter 2: SmartInstall – Very Simple Deployment
Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall – Best Practices
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3
Chapter 1 : SmartInstall Introduction
In this chapter, you will learn:
Why to use SmartInstall ?
What is SmartInstall ?
SmartInstall in the network
SmartInstall Groups
Supported Hardware Platforms
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 4
Why to use SmartInstall?
Easy Deployment
• Minimal and one-time configuration
• Zero touch
• Switch replacement made simple
• Less time to add a switch in the network
Easy Maintenance
• Single Point of Control
• Minimal user-intervention
• Customization
• Scheduled image and config upgrade
• Round the clock config backup
Cost Saving
• Built-in software solution
• Minimal technical expertise required
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 5
SmartInstall – What is it?
Centralized management for image and config
Client – Server model
Plug and Play of new switches
Auto-Detect of new switches
Zero-touch deployment and switch replacement
Post upgrade
Scheduled config and image upgrade in future
Config backup
Based on the existing Auto-Install feature
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 6
Smart Install In the Network
Client Switches
Director Switch
Director - Configures client providing switch plug and play
Client - Gets the image and config from the Director
Groups - Classification of client switches based on switch model and other parameters for better management.
Client Switches discovered via CDP & LLDP
Central TFTP, DHCP Server
Clients Group 1 Clients Group 2
3750X
2960
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7
SmartInstall Groups
Client can belong to either Custom,
Built-in or Default groups. The logic
for this selection is:
1st the Director tries to find a custom-
group match for the client switch
If match found, client switch gets
corresponding image and config
If not, then the Director tries to find a
built-in group match
If no built-in group match found,
default image and config file is provided
to the client
Best Practice – Use default setting
when network has only 1 switch model
Client gets the
image and
config for that
custom group
Client gets the
image and
config for that
Built-in group
Does the
client
match
any
built-in
group?
Does the
client match
any custom
group?
Yes
No
Yes
No
Client gets the
image and
config files
from the
default settings
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 8
Supported Hardware Platforms
Director Switches:
3750, 3750v2, 3750E, 3560, 3560v2, 3560E - Software version : 12.2.(53)SE
& above
3750X, 3560X - Software version : 12.2.(53)SE & above
Recommended version for switches : 12.2.(55) because of enhancements
Director Routers:
G1: 1841, 2801, 2811, 2821, 2851, 3825, 3845
G2: 1921, 1941, 2901, 2911, 2921, 2951, 3925, 3945, 3925E, 3945E
Minimum Software version : 15.1.(3)T
Client Switches
3k – 3750, 3750E, 3750X, 3560, 3560E, 3560X
2k – 2960, 2960S, 2975, 2960G.
Special Cases: 3560v2, 3750v2, Industrial Ethernet series switches (custom
groups)
Client Switches must support archive download-sw command
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 9
Agenda
Chapter 1 : SmartInstall Introduction
Chapter 2: SmartInstall – Very Simple Deployment
Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall – Best Practices
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 10
Chapter 2: Smart Install – Very Simple Deployment
In this chapter, you will learn to:
Enable SmartInstall on the Director
Setup DHCP for client switches
Setup default config and image for clients
Configure Hostname-prefix
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 11
Director acts as the TFTP and DHCP
server
All client switches belong to one
model (WS-C2960-48TT-S)
Using vlan 1 as the management vlan
Chapter 1 : Smart Install Topology
Catalyst 3750E
Catalyst 2960
Deployment Highlights and Topology
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12
Default Settings for Client Image and Config
Ensure that the Director Switch is running either IP base/IP
services/Universal IOS images
Copy the tar image file for 2960 lanbase client switch and its config file to
Director flash
Before You Start
Recommended when network has same model switches
Requires minimum number of configuration steps
Simple to deploy and manage
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 13
Configuration Steps
1) Enable SmartInstall on the Director
Director# configure terminal
Director(config)# vstack director 10.0.0.33
Director(config)# vstack basic
2) Configure the DHCP scope for SmartInstall Client switches:
Director(config)# vstack dhcp-localserver pool1
Director(config-vstack-dhcp)# address-pool 10.0.1.0 255.255.0.0
Director(config-vstack-dhcp)# default-router 10.0.0.33
Director(config-vstack-dhcp)# file-server 10.0.0.33
Director(config-vstack-dhcp)# exit
Director(config)# ip dhcp remember
Director(config)# end
3) Configure the default image and config :
Director# configure terminal
Director(config)# vstack image flash:c2960-lanbase-tar.122-53SE.tar
Director(config)# vstack config flash:2960lanbase_config.txt
Director(config)# end
4) Hostname prefix: Helps assign a common hostname + last 3 bytes of MAC
Director(config)# vstack hostname-prefix Client_Switch
Director(config)# exit
Do “wr er” on client switch and reload/ Brand new switch
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 14
What happens in the background ?
1. Director creates client_cfg.txt and stores it on the flash
2. Director configures itself to be the TFTP server
3. Director discovers clients through CDP
4. Clients get IP on vlan 1 from the DHCP pool on the Director
5. Clients download starts ( takes 5 – 8 minutes)
1. Client downloads client_cfg.txt
2. Client downloads image file
3. Client reboots with new image
4. Client downloads config file
P.S : When the client switch is downloading the image and config file, you may
not see any console messages. DO NOT press any key at this time as this
will terminate the SmartInstall operation
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 15
Use cases for this Scenario
All clients are same model, use same software version, feature sets, configs
Director with layer 3 capability
Value Addition
Simple configuration – Quick and Easy setup
Round the clock automatic image and config provisioning for new client
switches
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 16
Chapter 3: SmartInstall – Using Built-in Groups
In this chapter, you will learn to:
Configure built-in groups
Configure external TFTP server
How to make ether channels work on
clients
Move the management vlan away from
vlan 1
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 17
In this chapter:
Client switches belong to multiple
models
TFTP Server is external to the Director
Config files will change the client
switches’ management VLAN
Etherchannels used as links to the
Director
Before you begin:
Copy image tar files for all client swicth
platforms to the TFTP Server
Built-in Switch Group –
2 ( 3750e series)Built-in Switch Group –
1 (3560e series)
Built-in Switch Group –
3 ( 2960)
Director
TFTP
server
Ether
channel
link
Highlights and Topology for this Chapter
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18
Built-in Groups
Switches belonging to the same model = 1 Built-in group
“3750E 48 port” and “3750E 48-poe” are 2 groups
Image and config settings are specific to a group
Etherchannels
Increased bandwidth between Director and client switches
Etherchannel mode – “Desirable” on Director
Etherchannel mode – “Desirable”, “Auto” or “On”on the client
Requires vlan 1 to be native on Director
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 19
Configuration Steps
1) Repeat steps 1 and 2 from Chapter-2 – to enable SmartInstall
2) Create another DHCP pool for vlan 10 ( for device management on client)
3) Configure Ether channel on ports connected to clients switches
Director# configure terminal
Director(config)# interface Port-channel1
Director(config-if)# switchport trunk encapsulation dot1q
Director(config-if)# switchport mode trunk
Director(config)# interface range GigabitEthernet1/0/3 - 4
Director(config-if-range)# switchport trunk encapsulation dot1q
Director(config-if-range)# switchport mode trunk
Director(config-if-range)# channel-group 1 mode desirable
4) Configure Built-in groups for client switches
Director(config)# vstack group built-in 3560e 24
Director(config-vstack-group)#image tftp://10.0.0.10/c3560e-universal-tar.122-52.SE.tar
Director(config-vstack-group)#config tftp://10.0.0.10/3560e-24-built-in-config.txt
Director(config)# exit
Director(config)# vstack group built-in 2960 24
Director(config-vstack-group)# image tftp://10.0.0.10/c2960-lanlite-tar.122-52.SE.tar
Director(config-vstack-group)# config tftp://10.0.0.10/2960-24-built-in-config.txt
Director(config)# end
Note that the image and config files are on an external TFTP server
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 20
Recommended Configuration Settings for Client Switch config.text (Snippet)
Notice the ether channel config and new management VLAN. VLAN1 is still native.
interface Port-channel1
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/3
switchport mode access
switchport access vlan 10
-
-
-
interface Vlan10
ip address dhcp
ip helper-address 10.30.0.3
New Management
Vlan 10
DHCP from Director
Uplinks to the Director,
on an ether-channel
link
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 21
What happens in the background?
1) Director creates Imagelists.txt for each built-in group, places them in TFTP server
2) Clients get IP on vlan 1 using DHCP pool from the Director
3) Client download starts: ( 5 – 8 minutes)
1) Client first downloads the client_cfg.txt file
2) Client downloads the image file chosen by the Director after built-in group
match
3) Clients download the config files
4) Clients reboot with new image and config and get IP from vlan 10 ( new management
vlan)
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 22
Use cases for this scenario
Enterprises – Campus/Branch with mixed switch model deployment :
• Different platform switches
• Multiple links between switches - redundancy
• Centralized Management for image and config files
• Dedicated external server for software image and config file storage
Best Practices
• Migrate to new management vlan on client switches
• Image – tar file only
• TFTP server – create subdirectory with full read-write access ( Refer Chpt 4)
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 23
Chapter 4: SmartInstall – Fully Loaded
In this chapter, you will learn how to:
Configure custom client groups
Schedule an upgrade – Join Window
Configuration backup
Zero Touch Switch Replacement
On-demand upgrades
Custom Switch
Group – 2
(connectivity
based)
Director Switch
(3750E)
Client Switches
Custom Switch
Group – 1 ( PID
based)
Built-in Switch
Group – 1 (3560
series)
External
TFTP server
for client-
switch
images and
config
Copy client switch images in tar format to
the TFTP server
Before you Begin
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 24
Custom Groups
Identify client switches that need different images and configs from the built-
in group
Enhances deployment flexibility
Group Types :
PID based
Connectivity based
MAC based
Stack based
Two switches of the same model – custom and built-in – possible
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 25
PID Based Custom Groups
Identifies clients based on their PID (model)
Example of a PID: WS-C3560E-48TD-S
When to use this type?
Future proofing, models that don’t have built-in groups
Different images for different PIDs of same switch
Config :
Director(config)#vstack group custom cust2 product-id
Director(config-vstack-group)#image
tftp://10.0.0.10/Imagelists/c3560e-universal-tar.122-53.SE.tar
Director(config-vstack-group)#config
tftp://10.0.0.10/Imagelists/3560e-config.txt
Director(config-vstack-group)#match WS-C3560E-48TD-S
Client 3:
PID: WS-
C3560E-12D-E
Director
Switch
Client 1:
PID: WS-C3560E-
48PD-E
Client 2:
PID: WS-
C3560E-48PD-S
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 26
Connectivity Based Custom Groups
Based on uplink host IP and physical interface
When to use this type of custom group?
Only location of the Client switch is known
Multi-hop networks
Different software versions on switches of the same
family
Config:
Director(config)#vstack group custom 2960-custom connectivity
Director(config-vstack-group)#image tftp://10.0.0.10/Imagelists/c2960-
lanlite-tar.122-52.SE.tar
Director(config-vstack-group)#config tftp://10.0.0.10/Imagelists/2960-
config-SI.txt
Director(config-vstack-group)#match host 10.30.10.51 interface
GigabitEthernet1/0/5
Switch:
IP 10.30.10.51Client 2
Gig 1/0/10
Director Switch
IP: 10.30.0.3
Uplink
Connectivity
Gig 1/0/5
Client 1
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 27
MAC Address Based Custom Group
Director matches for client switch MAC address
Takes the highest priority in the client group matching algorithm
MAC address can be obtained as follows: “sh vstack status“ on the Director Switch
“sh ver” on the client switch – Base Ethernet MAC address
Label on/back of the switch
When to use this type of connectivity?
Dynamic client-director connectivity
Switch family and software version diversity in the network
ConfigurationDirector# configure terminal
Director(config)# vstack director 10.30.0.3
Director(config)# vstack basic
Director(config)# vstack group custom textgroup3 mac
Director(config-vstack-group)# match mac 0023.34ca.c180
Director(config-vstack-group)# match mac 001a.a1b4.ee00
Director(config-vstack-group)# image tftp://101.122.33.10/c3750-ipbase-tar.122-
52.SE.tar
Director(config-vstack-group)# config tftp://101.122.33.10/3750-24-ipbase_config.txt
Director(config-vstack-group)# exit
Director Switch
IP: 10.30.0.3
MAC Address
based groupClient 1
Link
Redundancy
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 28
Stack Based Custom Groups
Designed for clients in Stackwise/Stackwise+/Flexstack
deployment
Match criteria – Member number, switch model, port/poe
for each switch member
Supports stack members of the same series onlyEx: Stack of 3750 switches or 3750e series or 3750x series; but
not a combination of 3650, 3750E and 3750X
Configuration:
Director(config)# vstack group custom testgroup stack
Director(config-vstack-group)# image tftp://10.0.0.10/c3750-
ipbase-tar.122-52.SE.tar
Director(config-vstack-group)# config
tftp://10.0.0.10/3750stack_config.txt
Director(config-vstack-group)# match 1 3750 48poe
Director(config-vstack-group)# match 2 3750 24
Director(config-vstack-group)# match 3 3750 24
Director(config-vstack-group)# exit
Director(config)# end
Director Switch
IP: 10.30.0.3
membernumber in the stack
Stack of 4
3750 switches
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 29
All Groups Working Together
Switch connected
to IP phones
Custom Group –
(connectivity based)
Datacenter Switches
Custom Switch Group
( MAC address based
based)
Built-in Switch
Group (3750X
series)
External
TFTP server
for client-
switch
images and
config
Infrastructure Switches
Switch connected to
APs and IP Cameras
Director Switch
Custom Switch
Group ( PID based )
Stack based custom
group
Wiring Closet
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 30
Join Window
Join Window
Schedule a time-window for zero-
touch image and config upgrades
Clients cannot download
image/config outside the window
Security – prevents unexpected
switches from getting image and
config files
ConfigDirector(config)#vstack join-window start [date] hh:mm [interval]
[end date] [recurring]}
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 31
Configuration Back-up Saves client switch’s config on Director/TFTP Server
Centralized repository of most current client switch configs
Enabled by default when SmartInstall is enabled
When/How is config backup useful?
Helps maintain config files for all client switches and track config changes
Makes switch replacement quick and easy
Automated round the clock network config management
Configuration
Director(config)#vstack backup file-server tftp://10.0.0.10/Imagelists/configs IN
this case, config file is stored on TFTP server, overrides flash:vstack
Every time a client does “ wr “ a copy gets created on the backup server for the switch client_ID
By default, config files are stored on the Director at flash:vstack unless configured otherwise
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 32
Zero Touch Switch Replacement
Config Backup is configured
Client Switch goes bad
Director gets an update that client switch
has changed to inactive state.
Network personnel replaces the bad switch
with a new switch of the exact same model
and on the same switch port
New client switch downloads image and
most recent config
Client switch reboots and is ready for use
Catalyst 3750E
Catalyst 2960
Switch failure
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 33
On-Demand Upgrades
Admin can upgrade client switch images and configs whenever
needed
Could be selective upgrade or for the whole network
Single Switch Upgrade
Director# vstack download-image tftp://10.0.0.10/c2960-lanlite-
tar.122-52.SE.tar 1.1.1.30 mypassword reload in 06:30
Director# vstack download-config
tftp://101.122.33.20/2960LANlite_config.txt 1.1.1.30 my password
reload in 06:30
Built-in Group Upgrade
Director# vstack download-image built-in 3560e 24 mypassword
override reload in 6:30
Director# vstack download-config built-in 3560e 24 mypassword
reload in 06:30
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 34
Complete Management Solution
Config Protection - Constant client switch config backup
Customization – Custom Groups
Easy Switch Identification – Hostname Prefix
Secured Upgrade Window – Join Window
On Demand Upgrade
Use Case – Campus topology with different switch models,
same model – different software images, different configs, auto
config back up
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 35
Agenda
Chapter 1 : SmartInstall Introduction
Chapter 2: SmartInstall – Very Simple Deployment
Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall – Best Practices &
Troubleshooting
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 36
Chapter 5: SmartInstall – Best Practices & Troubleshooting
Importance of Vlan 1
SmartInstall operates on vlan 1
It is the default native vlan - helps etherchannel
Enabled by default on client switches with zero config
Clients devices send DHCP request on vlan 1 by default
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 37
Files Created during SmartInstall Operation
Client_cfg.txt
Enabling Smart Install creates a client_cfg.txt file.
Stored in the Director Switch flash
Client Switch downloads this file & establishes Client-Director link.
DO NOT delete this file from the Director flash
client_cfg.txt contains:!
version 12.2
!
enable password cisco
!
username cisco
!
do telnet 10.0.0.33 18843
!
end
!
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 38
Files created during SmartInstall Operation
Continued..
Imagelists
Imagelist is created by the Director switch for every defined group
It contains the name of the tar image file for that client group
Built-in group names as created by the Director:
“2960-48-lanlite-imagelist.txt” Built-in group for C2960 with
48 ports, running lanlite image
“2960-custom-imagelist.txt” Imagelist name for custom
group named “2960-custom”
Contents of an Imagelist:
Imagelists/c3750e-universal-tar.122-53.SE.tar
The image tar file is placed inside a subfolder in the TFTP Server
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 39
TFTP Server Settings
Director Switch Flash Based TFTP Server:
External TFTP Server:
Pros Cons
Client image file, config file
and back-up config versions
on the Director flash
Limited storage space due to
flash size restriction
Avoids the use of external
TFTP server
Uses extra system resources
when client switches read
the flash for image/config
Recommended when: All client switches are of the same
model
Pros Cons
Lots of storage space for
images, config and backup
config files for multiple client
switch groups
Requires an external TFTP
device – extra infrastructure
Saves space on the director
flash
Extra config for file permissions
in case of a Linux TFTP Server
Recommended when:
1) Many client groups are defined
2) Multiple Directors are configured
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 40
Troubleshooting SmartInstall
When Imagelist transfer to TFTP fails, check for:
Write permission on external TFTP server
Available space on TFTP server
Switch – TFTP server connectivity
Pre-existing imagelist with the same
name – image upgrade scenario
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 41
When SmartInstall image and config upgrade
fails, check the Client Switch for:
Insufficient flash size on client
Small flash with multiple images, config, crashinfo
files
No space available for new image download
Solution – Admin has to manually delete
unnecessary files
Client switch console – is someone actively working
on the client switch CLI?
Connectivity – does client switch have IP address on
vlan 1?
Correct built-in group choice
Custom group match criteria
Correct image, config file
Supported hardware when using built-in group
Troubleshooting SmartInstall contd..
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 42
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 43
TFTP Server settings on Linux ( backup slide )
Create TFTP subfolder
$ sudo mkdir /tftpboot/Imagelists
$ sudo chmod -R 777 /tftpboot/Imagelists/
$ sudo chown -R nobody /tftpboot/Imagelists/
Create /etc/xinetd.d/tftp and add this entry--
service tftp
{
protocol = udp
socket_type = dgram
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s -c /tftpboot <<<<<<<< should have a -c
disable = no
}
--
Restart the server using - restart xinetd
© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 44
Q & A