Solved: After spending several hours

thsmfe001 · ‎10-08-2014

In case fabric domain name mismatch, the mismatched APIC under a APIC cluster can be handled by console and GUI.

I've checked a lot of documents regarding APIC troubleshooting but i couldn't find it.

I think i have to do initial setup to put it on APIC cluster.

Could you tell me What i should do?

Tomas de Leon · ‎10-08-2014

* SSH to your APIC(s) as "admin" user

* Use the "eraseconfig setup"

ie.

apic1:~> e
eraseconfig Erase configuration, restore to factory settings

apic1:~> eraseconfig
<CR> Carriage Return
setup Erases the setup data

I hope this helps!

Other reference material:

Cisco APIC Troubleshooting Guide

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0101.html

View solution in original post

dpita · ‎10-08-2014

Hello,

If the admin user will not authenticate, try to log in through rescue-user. rescue-user is sort of a emergency user that will log in even if the APICs are not in a cluster. you can run admin level commands such as "eraseconfig setup"

Thanks for using the Support Forums! Have a nice day.

View solution in original post

Andrew C · ‎03-01-2016

After spending several hours yesterday searching for an answer, I wanted to comment with the commands in the newer versions of ACI (specifically 1.2(2g)).

The eraseconfig command no longer appears to delete the whole fabric, some things are left behind. To wipe the fabric completely, these are the steps which worked for me (provided by a friendly contact at Cisco Advanced Services):

connect to the CLI on each switch node (all leaves and spines) and run:

Node# setup-clean-config.sh
Node# reload
This command will reload the chassis, Proceed (y/n)? [n]: y

connect to the CLI on each of the APICs - log in as either "admin" or "rescue-user"

acidiag touch setup
acidiag reboot

This left me with a clean fabric as it was when it came off the back of the delivery truck (except for the CIMC addressing which is fine).

The Cisco AS advice I got for re-building is to adopt the following sequence:

Power on 1 APIC only
Go through the wizard for the basic configuration either using a monitor and keyboard connected to the device or over the CIMC connection
Logon to the ACI APIC GUI (https://oobMgmtAddress)
Perform fabric discovery, assign node ID's and names
Once all nodes in the fabric are discovered, power on APIC 2
Go through the wizard on APIC 2
Once APIC 2 shows in the fabric topology, power on APIC 3
Go through the wizard on APIC 3

I hope this helps some people who, like me, come across this article with newer ACI versions.

Andrew

View solution in original post

Tomas de Leon · ‎10-08-2014

* SSH to your APIC(s) as "admin" user

* Use the "eraseconfig setup"

ie.

apic1:~> e
eraseconfig Erase configuration, restore to factory settings

apic1:~> eraseconfig
<CR> Carriage Return
setup Erases the setup data

I hope this helps!

Other reference material:

Cisco APIC Troubleshooting Guide

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0101.html

thsmfe001 · ‎10-08-2014

Thank you for your helpful reply.

Your solution is clearing back to factory setup under admin user.

Unfortunately i've been able to log in admin account, so i have to need another account for emergency access.

If you have solution for emergency login, let me know that.

thank you.

Tomas de Leon · ‎10-09-2014

Try this:

Resetting APIC 'admin' password

1- Connect USB to the APIC. The USB is to contains single dummy file named 'aci-admin-passwd-reset'

2- Reboot the APIC

3- Interrupt the reboot when the prompt is shown "Press any key to enter the menu"

4- The next screen will show version of Linux installed on the APIC

5- Select the correct version

6- Type 'e' to edit this command

7- Add "aci-admin-password-reset' to the end of the command and press enter

8- Press 'b' to boot.

9- the APIC will boot to a prompt and ask for the new 'admin' password

Let us know how it goes

Andrew C · ‎03-01-2016

After spending several hours yesterday searching for an answer, I wanted to comment with the commands in the newer versions of ACI (specifically 1.2(2g)).

The eraseconfig command no longer appears to delete the whole fabric, some things are left behind. To wipe the fabric completely, these are the steps which worked for me (provided by a friendly contact at Cisco Advanced Services):

connect to the CLI on each switch node (all leaves and spines) and run:

Node# setup-clean-config.sh
Node# reload
This command will reload the chassis, Proceed (y/n)? [n]: y

connect to the CLI on each of the APICs - log in as either "admin" or "rescue-user"

acidiag touch setup
acidiag reboot

This left me with a clean fabric as it was when it came off the back of the delivery truck (except for the CIMC addressing which is fine).

The Cisco AS advice I got for re-building is to adopt the following sequence:

Power on 1 APIC only
Go through the wizard for the basic configuration either using a monitor and keyboard connected to the device or over the CIMC connection
Logon to the ACI APIC GUI (https://oobMgmtAddress)
Perform fabric discovery, assign node ID's and names
Once all nodes in the fabric are discovered, power on APIC 2
Go through the wizard on APIC 2
Once APIC 2 shows in the fabric topology, power on APIC 3
Go through the wizard on APIC 3

I hope this helps some people who, like me, come across this article with newer ACI versions.

Andrew

ys173p · ‎07-21-2017

We have three APIC servers and I'm trying to do initial setup configuration and connected through the console (Monitor and keyboard). cluster configuration was setup for the first server and I changed admin password successfully but it didn't go through for second server and didn't ask me to set the admin password, and I can't login with admin user. I have tried following procedure three times and recovered admin password but I can't login again,

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0100.pdf

any thing should be configured in cluster side? or something missing.

Appreciate if you can help me on this.

Andrew C · ‎07-21-2017

Hi,

Does this help? Something I wrote up last time I went through it:

https://aciandme.wordpress.com/2016/03/01/recommended-sequence-for-apic-build-and-fabric-discovery/

Andrew

ys173p · ‎07-21-2017

Thanks Andrew but I see one APIC1 only while setup APIC2 also,

any thought?

Andrew C · ‎08-16-2017

Hi, sorry for the delay, I must have missed the notification on your response. Is it still an issue for you? Do you have a screenshot?

ys173p · ‎08-16-2017

Thanks for reply,

The problem fixed by new image installation, all APIC servers, Spine and Leaf should be in the same software level.

thsmfe001 · ‎10-09-2014

Thank you for your cooperation.

Thanks to you, I can step up ACI PoC.

Have nice day.

udo.konstantin · ‎09-28-2017

Hello,

and what about the CIMC configuration?

I also want to reset the controllers including all switches. But the CIMC configuration should remain.

Thanks

udo

dpita · ‎10-08-2014

Hello,

If the admin user will not authenticate, try to log in through rescue-user. rescue-user is sort of a emergency user that will log in even if the APICs are not in a cluster. you can run admin level commands such as "eraseconfig setup"

Thanks for using the Support Forums! Have a nice day.

thsmfe001 · ‎10-08-2014

Thank you for your response.

You mean rescue-user can log in without password, just only type in rescue-user at login prompt.

If so, i would solve the problem.

Could you check it once more?

Have nice day.

Tomas de Leon · ‎10-09-2014

The rescue-user will use the same password as "admin", IF the admin password was set.

How can i make a APIC to a factory default ?