cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
24400
Views
50
Helpful
16
Replies
Highlighted
Beginner

How can i make a APIC to a factory default ?

In case fabric domain name mismatch, the mismatched APIC under a APIC cluster can be handled by console and GUI.

I've checked a lot of documents regarding APIC troubleshooting but i couldn't find it.

I think i have to do initial setup to put it on APIC cluster. 

Could you tell me What i should do?

 

 

 

3 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Cisco Employee

* SSH to your APIC(s) as

* SSH to your APIC(s) as "admin" user

* Use the "eraseconfig setup"

ie.

apic1:~> e
 eraseconfig  Erase configuration, restore to factory settings

apic1:~> eraseconfig
 <CR>   Carriage Return
 setup  Erases the setup data

 

I hope this helps!

 

Other reference material:

Cisco APIC Troubleshooting Guide

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0101.html

View solution in original post

Highlighted
Cisco Employee

Hello,If the admin user will

Hello,

If the admin user will not authenticate, try to log in through rescue-user. rescue-user is sort of a emergency user that will log in even if the APICs are not in a cluster. you can run admin level commands such as "eraseconfig setup"

Thanks for using the Support Forums! Have a nice day. 

View solution in original post

Highlighted
Beginner

After spending several hours

After spending several hours yesterday searching for an answer, I wanted to comment with the commands in the newer versions of ACI (specifically 1.2(2g)).

The eraseconfig command no longer appears to delete the whole fabric, some things are left behind. To wipe the fabric completely, these are the steps which worked for me (provided by a friendly contact at Cisco Advanced Services):

  • connect to the CLI on each switch node (all leaves and spines) and run:
    • Node# setup-clean-config.sh
    • Node# reload
    • This command will reload the chassis, Proceed (y/n)? [n]: y
  • connect to the CLI on each of the APICs - log in as either "admin" or "rescue-user"
    • acidiag touch setup
    • acidiag reboot

This left me with a clean fabric as it was when it came off the back of the delivery truck (except for the CIMC addressing which is fine).

The Cisco AS advice I got for re-building is to adopt the following sequence:

  • Power on 1 APIC only
  • Go through the wizard for the basic configuration either using a monitor and keyboard connected to the device or over the CIMC connection
  • Logon to the ACI APIC GUI (https://oobMgmtAddress)
  • Perform fabric discovery, assign node ID's and names
  • Once all nodes in the fabric are discovered, power on APIC 2
  • Go through the wizard on APIC 2
  • Once APIC 2 shows in the fabric topology, power on APIC 3
  • Go through the wizard on APIC 3

I hope this helps some people who, like me, come across this article with newer ACI versions.

Andrew

View solution in original post

16 REPLIES 16
Highlighted
Cisco Employee

* SSH to your APIC(s) as

* SSH to your APIC(s) as "admin" user

* Use the "eraseconfig setup"

ie.

apic1:~> e
 eraseconfig  Erase configuration, restore to factory settings

apic1:~> eraseconfig
 <CR>   Carriage Return
 setup  Erases the setup data

 

I hope this helps!

 

Other reference material:

Cisco APIC Troubleshooting Guide

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0101.html

View solution in original post

Highlighted
Beginner

Thank you for your helpful

Thank you for your helpful reply.

Your solution is clearing back to factory setup under admin user.

Unfortunately i've been able to log in admin account, so i have to need another account for emergency access.

If you have solution for emergency login, let me know that.

thank you.

Highlighted
Cisco Employee

Try this: Resetting APIC

Try this: 


Resetting APIC 'admin' password 
 
1- Connect USB to the APIC. The USB is to contains single dummy file named 'aci-admin-passwd-reset'
 
2- Reboot the APIC

3- Interrupt the reboot when the prompt is shown "Press any key to enter the menu"

4- The next screen will show version of Linux installed on the APIC

5- Select the correct version 

6- Type 'e' to edit this command

7- Add "aci-admin-password-reset' to the end of the command and press enter

8- Press 'b' to boot.

9- the APIC will boot to a prompt and ask for the new 'admin' password

 

Let us know how it goes

Highlighted
Beginner

After spending several hours

After spending several hours yesterday searching for an answer, I wanted to comment with the commands in the newer versions of ACI (specifically 1.2(2g)).

The eraseconfig command no longer appears to delete the whole fabric, some things are left behind. To wipe the fabric completely, these are the steps which worked for me (provided by a friendly contact at Cisco Advanced Services):

  • connect to the CLI on each switch node (all leaves and spines) and run:
    • Node# setup-clean-config.sh
    • Node# reload
    • This command will reload the chassis, Proceed (y/n)? [n]: y
  • connect to the CLI on each of the APICs - log in as either "admin" or "rescue-user"
    • acidiag touch setup
    • acidiag reboot

This left me with a clean fabric as it was when it came off the back of the delivery truck (except for the CIMC addressing which is fine).

The Cisco AS advice I got for re-building is to adopt the following sequence:

  • Power on 1 APIC only
  • Go through the wizard for the basic configuration either using a monitor and keyboard connected to the device or over the CIMC connection
  • Logon to the ACI APIC GUI (https://oobMgmtAddress)
  • Perform fabric discovery, assign node ID's and names
  • Once all nodes in the fabric are discovered, power on APIC 2
  • Go through the wizard on APIC 2
  • Once APIC 2 shows in the fabric topology, power on APIC 3
  • Go through the wizard on APIC 3

I hope this helps some people who, like me, come across this article with newer ACI versions.

Andrew

View solution in original post

Highlighted
Beginner

We have three APIC servers

We have three APIC servers and I'm trying to do initial setup configuration and connected through the console (Monitor and keyboard). cluster configuration was setup for the first server and I changed admin password successfully but it didn't go through for second server and didn't ask me to set the admin password, and I can't login with admin user. I have tried following procedure three times and recovered admin password but I can't login again,

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0100.pdf

any thing should be configured in cluster side? or something missing.

Appreciate if you can help me on this.

Highlighted
Beginner

Hi,

Hi,

Does this help? Something I wrote up last time I went through it:

https://aciandme.wordpress.com/2016/03/01/recommended-sequence-for-apic-build-and-fabric-discovery/

Andrew

Highlighted
Beginner

Thanks Andrew but I see one

Thanks Andrew but I see one APIC1 only while setup APIC2 also,

any thought?

Highlighted
Beginner

Hi, sorry for the delay, I

Hi, sorry for the delay, I must have missed the notification on your response. Is it still an issue for you? Do you have a screenshot?

Highlighted
Beginner

Thanks for reply,

Thanks for reply,

The problem fixed by new image installation, all APIC servers, Spine and Leaf should be in the same software level.

Highlighted
Beginner

Thank you for your

Thank you for your cooperation.

Thanks to you, I can step up ACI PoC.

Have nice day.

Highlighted
Beginner

Re: * SSH to your APIC(s) as

Hello,

and what about the CIMC configuration? 

I also want to reset the controllers including all switches. But the CIMC configuration should remain.

 

Thanks

udo  

Highlighted
Cisco Employee

Hello,If the admin user will

Hello,

If the admin user will not authenticate, try to log in through rescue-user. rescue-user is sort of a emergency user that will log in even if the APICs are not in a cluster. you can run admin level commands such as "eraseconfig setup"

Thanks for using the Support Forums! Have a nice day. 

View solution in original post

Highlighted
Beginner

Thank you for your response

Thank you for your response.

You mean rescue-user can log in without password, just only type in rescue-user at login prompt.

If so, i would solve the problem.

Could you check it once more?

Have nice day.

 

 

Highlighted
Cisco Employee

The rescue-user will use the

The rescue-user will use the same password as "admin",  IF the admin password was set.

CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey