Introduction : This EEM script will simplify the process of installing and activating OVA which involves following steps : Remove existing service interface configurations Deactivate existing OVA Uninstall existing OVA Copy the new OVA to router Install the OVA on the required VSM Add bundle configs and bundle member configurations (Incase of IPSec) Add vnic interfaces under virtual service Activating the OVA Adding CP VM configuration incase of IPSec service Validation in each above step
How the script simplifies above steps:
The steps mentioned in above step can reduced to easy process by using the EEM script by and can be done without any user intervention. Steps to do this are as follows, 1. Copy the EEM script to the router (one time for one router) 2. Register the script (one time for one router) 3. Set the environmental variables. 4. Run the script. Steps 3 and 4 only needs to repeated for each installation/activation.
What steps the script does internally:
The script follows following steps for Installing and activating OVA Check whether the VSM is in RUN state. If VSM is in RUN state, it will check whether any service is in either Installed/Activated/Deactivated state If service is in Installed state, script will uninstall the existing OVA If service is in Deactivated state, it will check whether any service related configurations are present. If service related configurations present in deactivated state, those configurations will be removed and then OVA will be uninstalled If service is in Activated state, script removes service related configurations and then uninstall the OVA Now copy of new OVA to router will happen Then Install of OVA on provided VSM will happen The above step is followed by adding VNIC members and service activation. If bundle configurations and bundle member configurations are required (for IPSec case), this also will be done. Base configurations for Control plane VM incase of IPSec will be done.
3. Create a username for eem users (not mandatory)
admin conf t username eem_user group root-system group cisco-support commit
4. Configuring AAA :
conf t aaa authorization eventmanager default local commit
5. Registering EEM script :
conf t event manager directory user policy disk0a:/usr/eem_scripts event manager directory user library disk0a:/usr/eem_lib event manager policy no_ova_install_activate.tcl username eem_user persist-time infinite commit
Please see attachment "EEM_base_configurations" for router log of above steps
Environmental Variables :
_eem_tftp_ova_file : tftp path where ova file exists default : none _eem_vsm_slot : VSM slot number default : none _eem_ova_type : ipsec | cgn default : ipsec _eem_ova_profile : half | full è not required for cgn default : full
_eem_router_ova_path : path in router where ova will be copied default : <home directory>/eem_ova _eem_service_members : bundle members incase of ipsec ova default : interfaces "2 3 4 5 6 7 8 9" for ipsec fullprofile interfaces "2 3 4 5" for ipsec half profile interface "0 1 2 3 4 5 6 7 8 9 10 11" for cgn _eem_bundle_number : interface number for bundle incase of ipsec default : 1 _eem_need_bundle_config : 0 | 1 , do we need bunde configurations incase of ipsec default : 0 _eem_bundle_address : ipv4 address on bundle interface incase of ipsec default : 192.168.1.2 _eem_bundle_mask : mask for _eem_bundle_address default : 255.255.255.0 _eem_service_name : service name default : ipsecf_<_eem_vsm_slot> for ipsec full profile ipsech_<_eem_vsm_slot> for ipsec full profile cgn_<_eem_vsm_slot> for cgn
How to trigger the script :
event manager run no_ova_install_activate.tcl
Example 1 : Triggering script for IPSec full profile with only mandatory arguments and letting the script assume default values for rest of the optional arguments Env Setting :
I'm new to all this.After a factory reset, I can attach the router to the internet with a static ip and ping 184.108.40.206 Installed 16port service module sm-es2-16-p. My goals are to attach all in home network devices to the 16 port switch with...
Just recently upgraded the ios to current version. During startup, getting error messages %SYS-6-READ_BOOTFILE_FAIL: tftp://255.255.255.255 It will try like 3 times, then boot the current version. From my understanding, its the f...
I have a remote IR829 that is running ir800-universalk9-mz.SPA.159-3.M4 making an EZVPN connection to a virtual ASA running asa9-14-4-12-smp-k8.bin. It works fine right now, but I am unable to upgrade past 9.14 code because the EZVPN connection keeps usin...
Dear community, I was looking to find the answer in regards the following question: "What is the result returned when performing a TraceRoute from one end of the tunnel to the over end of the tunnel". If the Tunnel is GRE, or other protocols.&n...
hello!i am interested to know if there is any way to create an EEM script that will send via syslog the verison of my NEXUS. for example:event manager applet VERISON_CHECKevent cli match "copy running-config startup-config"-> and then i want it to...