KRON not working

jackykw123 · ‎09-02-2021

Dear Sir,

Here is informaiton of the hardware.

Hardware : WS-C3560X-48T-S

Firmware : 15.2(1)E1

I have configured KRON to backup the switch configuraiton to the TFTP server recently and found it is now real working .

The configuration sent to the TFTP server is uncompleted. The content of the file received have two lines only.

## content sent to the TFTP server##

Building configuration...
Current configuration : 26261 bytes

On the other hand, after the KRON executed 1st time, the kron policy-list removed from the running config . But it is still in the flash configuraiton.

SW01#show run | section kron
kron occurrence CFG-BACKUP-MONDAY at 0:00 Mon recurring
policy-list CFG-BACKUP

SW01#show config | section kron
kron occurrence CFG-BACKUP-MONDAY at 0:00 Mon recurring
policy-list CFG-BACKUP

kron policy-list CFG-BACKUP
cli show running-config | redirect tftp://100.100.100.1/SW.cfg

The samilar configuraiton is working on other Cisco Switches. What wrong with my WS-C3560X-48T-S ?

Regards,

Jacky

Leo Laohoo · ‎09-02-2021

archive
 log config
  logging enable
  hidekeys
 path tftp://IP_ADDRESS/$h-
 write-memory
 time-period 10080

There are two ways to export the config file to the TFTP server:

1. When someone saves the config;

2. After 1 week.

jackykw123 · ‎09-05-2021

Hi Leo,

Thanks for the information, I have tried the archive command and want to backup the configuraiton everyday.

The backup task working @ the 1st day . After that , the information sent to the TFTP server is not completed. (only the first few lines sent to the server).

Two cisco switch have samilar behavior . I have something missed ?

### Current Archive Setting ###

archive
log config
logging enable
path tftp://192.168.254.29/$h_$t
write-memory
time-period 1440
no file verify auto
###

### only few lines sent to the TFTP server ###

!
! Last configuration change at 09:56:31 HKT Fri Sep 3 2021 by jackychan
! NVRAM config last updated at 09:56:32 HKT Fri Sep 3 2021 by jackychan
!
!
!
!

Leo Laohoo · ‎09-05-2021

Upgrade the firmware of the switch and try again.

Dustin Anderson · ‎09-02-2021

We ran into this as KRON is apparently not working in the newer Linux based code and Cisco has decided not to fix it. This is what TAC gave us back for doing a save on our switches, 9300's don't support it without DNA licensing, but older switches may.

Here is from TAC clarifying KRON bugs, and not going to be fixed and the applet they gave to use.

Thank you for clarifying the issue. We have analyzed the crash files and here are our findings.

Given the crash decodes and all the symptoms observed in this case, we can conclude this issue was due to the following bugs:

CSCvp92564 "KRON: Script prevents to save configuration and results in unexpected reload"

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp92564

CSCvp05530 "Write memory lock // Cannot save configuration on Catalyst 9200 switch"

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp05530

Both bugs are duplicated of CSCul21787 ”Kron policy configurations getting removed after kron schedule run”.

Also, these defects were marked as “Closed”, meaning there’s no actual fix here as our development team decided that the fix was too risky from a code perspective. Moreover, we can achieve same functionality using an EEM script.

In addition to this, the “IOS KRON” feature was not designed for running interactive commands (such as “write” or “copy run start”).

Hence, as per bug details, the KRON configuration should be removed and it should be replaced with an EEM script in order to prevent unexpected reboots in the future.

According to bug details (bug CSCvp92564), it is mandatory to follow the steps described in the “Further Problem Description” section so we can ensure that we have properly removed the Kron config:

To safely disable the KRON script follow these steps:

Reload the device
Remove the KRON script configuration
Save the configuration
Confirm that the startup configuration has no KRON script statements
Reload the device
Configure the new EEM script to save configuration

If any other method is attempted to remove the KRON script it results in either a crash or the KRON process fail to clear the memory and face the bug later on.

This EEM script with CRON is a sample to replace the affected KRON script:

event manager applet CRON-EEM

event timer cron cron-entry "*/1 * * * *"

action 0.0 syslog msg "CRON-EEM script triggered"

action 1.0 cli command "enable"

action 2.0 cli command "write"

Some additional details for the EEM event timer feature can be found in the link listed below:

Cisco IOS Embedded Event Manager Command Reference >>> event timer

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-e2.html

If you have any further questions or concerns please don’t hesitate to contact us.