Cisco Prime upgrade from 3.8 to 3.10.x

mqontt · ‎08-30-2023

Hey Guys,

i just want to have a quick check what is the best way to upgrade the 3.8 CPI (running on VM) to 3.10.x

After some good reads from cisco docs, i understand that only way to upgrade is to create a new VM, install 3.10 and restore the backup from the original CPI

My question is how (since i dont have much experience with CPI) is the best way to approach it?

1. Create new VM, install fresh 3.10 CPI to the new VM. Give new IP address/dfgw and basic configuration to this new CPI VM

2. Upgrade new CPI VM to 3.10.x patches

3. Create application backup on the old/current CPI

4. Restore the application backup on the new CPI VM

5. Re-address (IP) the old CPI to other IP than the original one

6. Re-address (IP) / rename the new CPI VM to original IP and dns name

7. decomission the old CPI VM

is this correct procedure ?

balaji.bandi · ‎08-30-2023

that should work high level - i would suggest below steps :

5. Re-address (IP) the old CPI to other IP than the original one ( rather adding new IP shutdown the VM, in case any issue you can turn off new VM and bring this for working condition)

6. Re-address (IP) / rename the new CPI VM to original IP and dns name ( when you shutdown the OLD VM, you use same IP address to new PI ) - you do not need any DNS change since you are not changing the IP.

Make sure all working as expected, and re-sync WLC and check the MAPS working as expected.

Note : do not make any changes until all working as expected.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

eglinsky2012 · ‎08-30-2023

Also, for a few versions now, Prime has been enabling DNSSEC by default. If your DNS servers don't support that, DNS won't work. You can test it by pinging some hostname from CLI. If it doesn't work, in the CLI, do:

config t

no ip dnssec

end

write memory

Any time you do an inline upgrade (such as 3.9 to 3.10), DNSSEC gets re-enabled, and you have to disable it again.