Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
818
Views
0
Helpful
9
Replies

Install Mode SNMP commands

swDev
Level 1
Level 1

‎05-09-2022 08:12 PM

Hi, 

We are trying to automate IOS upgrades. We can copy over the new IOS and reload the devices with SNMP, however we haven't been able to find a solution to replace the install commands. Does anyone know an SNMP alternative for these 2 install commands: 

 

- install remove inactive

- install add file flash:file_name.bin activate commit

 

We have tried to automate SSH with C# in the past and have run into various issues, especially with commands that have confirms. 

Labels:
0 Helpful
9 Replies 9

Leo Laohoo
Hall of Fame
Hall of Fame

‎05-09-2022 08:24 PM - edited ‎05-11-2022 05:49 PM

Please do not "automate" IOS-XE upgrade. 

There are bugs in "Install Mode", such as: 

  1. The package will not kick off. 
  2. The package will not "unpack". 
  3. The new packages.conf file will not be properly "created" (and the system will still be pointing to the old IOS-XE packages)

These bugs cannot be "detected" by automation -- Even DNAC (2.2.2.8) can/do not detect the bugs I've just highlighted.  And if DNAC automation attempts Install Mode and any of these bugs hit, be lucky if "nothing happens".  I shudder to think what would happen if the switch boots into ROMMON.  

 

0 Helpful

swDev
Level 1
Level 1
In response to Leo Laohoo

‎05-09-2022 09:21 PM

Thank you for your response. Are you saying that there are no alterative ways to run these commands? Would it be safer to do in bundle mode? If the switch boots to rommon couldn't you just console in TFTP over the IOS and boot to the .bin? This is not a high demand environment and downtime is normal/expected.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to swDev

‎05-09-2022 10:08 PM - edited ‎05-09-2022 10:28 PM

@swDev wrote:

Are you saying that there are no alterative ways to run these commands?

Running the command is one thing, however, extracting the "output" is different.  IOS-XE behaves differently with classic IOS.  In classic IOS, there is one command to extract the IOS BIN file.  In IOS-XE there are MANY COMMANDS required and each command has one function.  It is very complicated and it is fraught with danger if going down the automation way.  Even DNAC cannot do 100% IOS-XE upgrade.  

I upgraded 14 x 9500 using DNAC (2.2.2.8) back in March 2022.  The results are: 

  • 10 x 9500 upgraded fine. 
  • 2 x 9500 did not upgrade.  The BIN file is not present.  
  • 1 x 9500 did not upgrade.  The package was extracted but the package.conf file was still pointing to the wrong IOS-XE version. 
  • 1 x 9500 did not upgrade.  DNAC freaked out when the existing package and "destination" version are the same but did not reboot the switch.  

Remember, this is DNAC, Cisco's "uber" expensive, super-NMS server that will do everything (except cook breakfast), doing the firmware upgrade -- A failure rate of 2 in 7.  And this failure rate is very high and totally unacceptable.  

 

0 Helpful

swDev
Level 1
Level 1
In response to Leo Laohoo

‎05-11-2022 06:30 AM

Thank you. I definitely understand that extracting the output is very difficult. We were scraping the screen with SSH. With SNMP we are at least able to monitor status with SNMP walks. I understand that this is very difficult to do, but we would give it our best attempt. If there there are any SNMP or Restconf alternatives to run the install commands I would love to try them out

0 Helpful

swDev
Level 1
Level 1
In response to swDev

‎05-11-2022 03:58 PM

So this looks like this is possible with the RESTCONF Cisco-XE-install-rpc yang module. https://github.com/YangModels/yang/blob/main/vendor/cisco/xe/1731/Cisco-IOS-XE-install-rpc.yang

enum "remove-use-inactive" {
 value 2;
 description
 "Option to remove inactive image";
 }
grouping install {
 description
 "Install download image, installing or upgrading package and
 activate software image. Installs image only or allows one shot operation
 option to install, activate and commit image in one step action";

 

 

I doesn't look like it's available on anything below version 17.2.1 though. I'm not sure if we can use that on our 3650s

 

Is there an SNMP alternatives

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to swDev

‎05-11-2022 04:02 PM

@swDev wrote:

If there there are any SNMP or Restconf alternatives to run the install commands I would love to try them out

There are various SNMP methods to "push" the Install commands.  That is not the problem. 
The problem is when the system "bugs out".  

I have been upgrading IOS-XE routers, switches and WLC for many years.  Every time I do that, I need to pay attention to the output because they spell the difference between booting to the correct (and intended) version, booting into the old version or booting into ROMMON.  

0 Helpful

swDev
Level 1
Level 1
In response to Leo Laohoo

‎05-11-2022 05:21 PM

Interesting, do you happen to know what the MIBs are or where I can find the documentation?

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to swDev

‎05-11-2022 05:48 PM

@swDev wrote:

do you happen to know what the MIBs are or where I can find the documentation?

Contact Cisco TAC. 

In the last six years, Cisco's documentation has been in an abysmal state and I do not believe any effort has been made to improve it.  

0 Helpful

swDev
Level 1
Level 1
In response to Leo Laohoo

‎05-11-2022 06:04 PM

I will give that a shot. Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card