取消
显示结果 
搜索替代 
您的意思是: 
cancel
公告

December 2020

December 2020

【原创】Cisco Nexus ISSU

37
查看次数
0
有帮助
0
评论

What is ISSU?

 

ƒ In Service Software Upgrade

ƒ Upgrades the software running on the switch

ƒ Also known as Non-Disruptive / Hitless Upgrade

ƒ No impact to the data plane

Switch continues to forward traffic during upgrade

No packet drops

ƒ Does not mean always going to a higher version

Even a software downgrade can be an ISSU

As long as there is no traffic loss

 

ISSU

In Service Software Upgrade

ƒ

In a Nexus 7000 series chassis with dual supervisors, you can use the in-service

software upgrade (ISSU) feature to upgrade the system software while the system

continues to forward traffic

ƒ

ISSU uses the existing features of nonstop forwarding (NSF) with stateful switchover

(SSO) to perform the software upgrade with no system downtime.

ƒ

An ISSU is initiated through the command-line interface (CLI) by an administrator. When

initiated, an ISSU updates (as needed) the following components on the system:

-Supervisor BIOS, kickstart image, system image

-Module BIOS and image

-Connectivity Management Processor (CMP) BIOS and image

 

ISSU in brief

During ISSU, new software is loaded onto the standby

supervisor while the active supervisor continues to operate

using the old software.

ƒ

As part of the upgrade, a switchover occurs between the

active and standby supervisors.

ƒ

Then the standby supervisor becomes active and begins

running the new software. After the switchover, the new

software is loaded onto the the (formerly active) standby

supervisor

 

How ISSU works?

install all kickstart <device:kickstart-image> system <device:system-image>

ƒ

Validate images (Both the kickstart and the system image)

ƒ

Extract images (Linecard version from the system imag, BIOS version from the system image, system

version from the system image, kickstart version from the kickstart image, CMP version from the

system image, and CMP-BIOS version from the system image)

ƒ

Perform compatibility check for the module

ƒ

Inform if the upgrade will be disruptive or non-disruptive and prompt permission to continue with the

upgrade

ƒ

Synchronize images to standby supervisor (both kickstart and system image)

ƒ

Setting boot variables

ƒ

Save the configuration

ƒ

Reboot standby supervisor (boot new software)

ƒ

Upgrade CMP image (but not reload)

ƒ

Switchover standby supervisor to become the active supervisor

ƒ

Reload original active to perform upgrade

ƒ

After successful reload, the original active becomes the standby supervisor

ƒ

Upgrade linecards

After successful installation, the CMP should be reloaded to complete the installation.

NX-OS High-Availability Infrastructure

ƒ Actually composed of 3

sub-services

oSystem Manager

oMessage & Transaction

Service (MTS)

oPersistent Storage

Service (PSS)

 

Nexus 7000 High Availability

NX-OS – System Manager Process

ƒ

System Manager” is the NX-OS process at the foundation of the

Nexus 7000 High Availability.

ƒ

“System Manager” is the software component responsible for:

ƒ Maintaining overall HA states

ƒ Enforcing HA policies

ƒ Launching, Monitoring and Restarting processes, services and protocols

ƒ

“System Manager” is the “control room” of NX-OS

 

NX-OS Non-Stop Forwarding

ƒ

OS Designed to leverage

distributed hardware

architecture

ƒ

Fabric & forwarding engine

removed from supervisor

ƒ

Each I/O module has

independent control-plane

and forwarding hardware

ƒ

Control-plane & data-plane

separation

ƒ

Fully distributed system for

non-disruptive SSO & ISSU

 

Stateful Supervisor Switchover

Active/Standby

ƒ Initial state synchronization, subsequent event

driven sync keep active/standby in sync

ƒ Fast switchover time – State is already in place

ƒ Switchover initiated if:

/ repeated critical process restart failures

/ kernel failures

/ supervisor hardware failure

 

What is upgraded as part of ISSU ?

ƒ Upgrades the following on the Supervisor(s)

BIOS, Kickstart and System image

ƒ Upgrades the following on the Linecard(s)

BIOS and Linecard image

ƒ Upgrades the following on CMP (connectivity management processor)

CMP BIOS and CMP image

Requirements for a successful ISSU

ƒ Software Compatibility

The running and the target images must be compatible

Otherwise, ISSU will not be allowed

Could result in a disruptive upgrade

Traffic flow could be impacted

ƒ Stable Network Topology

A key requirement

Unstable network could potentially cause:

ISSU to abort (to avoid traffic disruption)

Module reset (leading to traffic loss)

 

Configuration Check (ConfCheck)

ƒ Infrastructure Service that runs on the Supervisor

ƒ Maintains a list of features that are running

Feature MUST register with ConfCheck when its enabled

During ISSU, helps checks for feature compatibility

Extracts the capability.cap file from the new image

The file contains a list of supported features

Checks if the features enabled on the switch are supported

 

How can ISSU be performed?

ƒ From CLI (Command Line Interface)

Can be run only on the Active Supervisor

install all kickstart <kick-image> system <system

image>

The specified images must be the target images

i.e. the images to which the switch needs to be

upgraded/downgraded

Must be run only in Default VDC (Virtual Device Context)

ƒ From Data Center Network Manager

 

Design Considerations

ƒ Remember that during ISSU

ƒ Active and Standby SUP’s will be running different image versions

ƒ Line cards will also be running different image versions

ƒ Whenever you add/modify a feature/data structure

ƒThink about upgrade and downgrade scenarios

E.g. If line card is running a old version, will the change work

ƒ Special case - ISSU 5.0(x)-->5.1(1) or higher

ƒ If BFD is turned on, warning message to turn off before doing ISSU

(see release notes for more information)

ƒ Hitless Software Upgrade != Hitless Firmware Upgrade

 

 

 

 

 

不能显示该小部件。