What is ISSU?
ƒ In Service Software Upgrade
ƒ Upgrades the software running on the switch
ƒ Also known as Non-Disruptive / Hitless Upgrade
ƒ No impact to the data plane
Switch continues to forward traffic during upgrade
No packet drops
ƒ Does not mean always going to a higher version
Even a software downgrade can be an ISSU
As long as there is no traffic loss
ISSU
In Service Software Upgrade
ƒ
In a Nexus 7000 series chassis with dual supervisors, you can use the in-service
software upgrade (ISSU) feature to upgrade the system software while the system
continues to forward traffic
ƒ
ISSU uses the existing features of nonstop forwarding (NSF) with stateful switchover
(SSO) to perform the software upgrade with no system downtime.
ƒ
An ISSU is initiated through the command-line interface (CLI) by an administrator. When
initiated, an ISSU updates (as needed) the following components on the system:
-Supervisor BIOS, kickstart image, system image
-Module BIOS and image
-Connectivity Management Processor (CMP) BIOS and image
ISSU in brief
During ISSU, new software is loaded onto the standby
supervisor while the active supervisor continues to operate
using the old software.
ƒ
As part of the upgrade, a switchover occurs between the
active and standby supervisors.
ƒ
Then the standby supervisor becomes active and begins
running the new software. After the switchover, the new
software is loaded onto the the (formerly active) standby
supervisor
How ISSU works?
install all kickstart <device:kickstart-image> system <device:system-image>
ƒ
Validate images (Both the kickstart and the system image)
ƒ
Extract images (Linecard version from the system imag, BIOS version from the system image, system
version from the system image, kickstart version from the kickstart image, CMP version from the
system image, and CMP-BIOS version from the system image)
ƒ
Perform compatibility check for the module
ƒ
Inform if the upgrade will be disruptive or non-disruptive and prompt permission to continue with the
upgrade
ƒ
Synchronize images to standby supervisor (both kickstart and system image)
ƒ
Setting boot variables
ƒ
Save the configuration
ƒ
Reboot standby supervisor (boot new software)
ƒ
Upgrade CMP image (but not reload)
ƒ
Switchover standby supervisor to become the active supervisor
ƒ
Reload original active to perform upgrade
ƒ
After successful reload, the original active becomes the standby supervisor
ƒ
Upgrade linecards
After successful installation, the CMP should be reloaded to complete the installation.
NX-OS High-Availability Infrastructure
ƒ Actually composed of 3
sub-services
oSystem Manager
oMessage & Transaction
Service (MTS)
oPersistent Storage
Service (PSS)
Nexus 7000 High Availability
NX-OS – System Manager Process
ƒ
“System Manager” is the NX-OS process at the foundation of the
Nexus 7000 High Availability.
ƒ
“System Manager” is the software component responsible for:
ƒ Maintaining overall HA states
ƒ Enforcing HA policies
ƒ Launching, Monitoring and Restarting processes, services and protocols
ƒ
“System Manager” is the “control room” of NX-OS
NX-OS Non-Stop Forwarding
ƒ
OS Designed to leverage
distributed hardware
architecture
ƒ
Fabric & forwarding engine
removed from supervisor
ƒ
Each I/O module has
independent control-plane
and forwarding hardware
ƒ
Control-plane & data-plane
separation
ƒ
Fully distributed system for
non-disruptive SSO & ISSU
Stateful Supervisor Switchover
Active/Standby
ƒ Initial state synchronization, subsequent event
driven sync keep active/standby in sync
ƒ Fast switchover time – State is already in place
ƒ Switchover initiated if:
/ repeated critical process restart failures
/ kernel failures
/ supervisor hardware failure
What is upgraded as part of ISSU ?
ƒ Upgrades the following on the Supervisor(s)
BIOS, Kickstart and System image
ƒ Upgrades the following on the Linecard(s)
BIOS and Linecard image
ƒ Upgrades the following on CMP (connectivity management processor)
CMP BIOS and CMP image
Requirements for a successful ISSU
ƒ Software Compatibility
The running and the target images must be compatible
Otherwise, ISSU will not be allowed
Could result in a disruptive upgrade
Traffic flow could be impacted
ƒ Stable Network Topology
A key requirement
Unstable network could potentially cause:
ISSU to abort (to avoid traffic disruption)
Module reset (leading to traffic loss)
Configuration Check (ConfCheck)
ƒ Infrastructure Service that runs on the Supervisor
ƒ Maintains a list of features that are running
Feature MUST register with ConfCheck when its enabled
During ISSU, helps checks for feature compatibility
Extracts the capability.cap file from the new image
The file contains a list of supported features
Checks if the features enabled on the switch are supported
How can ISSU be performed?
ƒ From CLI (Command Line Interface)
Can be run only on the Active Supervisor
install all kickstart <kick-image> system <system
image>
The specified images must be the target images
i.e. the images to which the switch needs to be
upgraded/downgraded
Must be run only in Default VDC (Virtual Device Context)
ƒ From Data Center Network Manager
Design Considerations
ƒ Remember that during ISSU
ƒ Active and Standby SUP’s will be running different image versions
ƒ Line cards will also be running different image versions
ƒ Whenever you add/modify a feature/data structure
ƒThink about upgrade and downgrade scenarios
E.g. If line card is running a old version, will the change work
ƒ Special case - ISSU 5.0(x)-->5.1(1) or higher
ƒ If BFD is turned on, warning message to turn off before doing ISSU
(see release notes for more information)
ƒ Hitless Software Upgrade != Hitless Firmware Upgrade