Cisco APIC Installation and ACI Upgrade and Downgrade Guide

Cisco APIC Installation and ACI Upgrade and Downgrade Guide
https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/all/apic-installation-aci-upgrade-downgrade/Cisco-APIC-Installation-ACI-Upgrade-Downgrade-Guide/m-
installing-or-recovering-cisco-apic-images.html#id_22801
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/getting-started/Cisco-APIC-Getting-Started-Guide-421/b-Cisco-APIC-Getting-Started-
Guide-421_chapter_010.html
Installing Cisco APIC Software Using Virtual Media

Installing or upgrading the Cisco APIC software using virtual media (vMedia) requires the following high-level process:
• Upgrade the Cisco Integrated Management Controller (CIMC) software, if necessary.

• Obtain the relevant Cisco APIC .iso image from Cisco.com.
Checksum verification:
C:\Users\hethakur\Downloads>certutil -hashfile aci-apic-dk9.5.2.2f.iso MD5

MD5 hash of file aci-apic-dk9.5.2.2f.iso:
ffd287454694b780ad1d256c2c986b18
CertUtil: -hashfile command completed successfully.
• Access the CIMC web interface for the controller.

• Mount the .iso image using the CIMC vMedia functionality.
• Boot or power cycle the controller.
• During the boot process, press F6 to select Cisco CIMC-Mapped vDVD as the one-time boot device. You may
be required to enter the BIOS password. The default password is password.
• Follow the onscreen instructions to install the Cisco APIC software.
Procedure
Step 1 Obtain the relevant Cisco APIC .iso image from CCO.
Step 2 Copy the .iso image to the Jump server.
Step 3 Access the KVM console:
a. Open the Cisco Integrated Management Controller (CIMC) GUI for the controller.
b. From the CIMC GUI, choose Server > Summary > Launch KVM, then select either Java based
KVM or HTML based KVM to access the KVM console.
We recommend using the Java based KVM option whenever possible, because it is a more
reliable option for larger-sized files.
Step 4 Access the Serial over LAN (SOL) console:
a. From a terminal window, log in to the CIMC console:

b. # ssh admin@cimc_ip
c.
Where cimc_ip is the CIMC IP address. For example:
# ssh admin@192.0.2.1
admin@192.0.2.1's password:
system#
scope sol
set enabled yes
set baud-rate 115200
commit
exit
After enabling SoL, enter the command connect host to access the APIC console.
Step 5 From the KVM console: Choose Power > Power Cycle System (cold boot) to power cycle the controller.
Step 6 From the SOL console: Watch the screen during the boot process and prepare to press F6 at the
appropriate moment to enter the boot selection menu.
You should first see the following messages as the boot process begins:
Cisco Systems, Inc.

Configuring and testing memory..
Configuring platform hardware...
...
System bootup messages continue to appear, until the point where you should see the following screen:
...
Press <F2> Setup, <F6> Boot Menu, <F7> Diagnostics, <F8> Cisco IMC COnfiguration, <F12> Network Boot
Step 7 From the SOL console: When you see the message above, press F6 to enter the boot selection menu.
You should see Entering boot selection menu... if you were able to press F6 at the appropriate moment. If
you miss your opportunity and were not able to press F6 at the appropriate moment, go back to Step 5 to
power cycle the controller and repeat the process until you are able to press F6 to enter the boot
selection menu.
Step 8 From the SOL console: At the boot selection menu, select the Cisco CIMC-Mapped vDVD1.22 option
as the one-time boot device.
/------------------------------------\
| Please select boot device: |
|------------------------------------|
| (Bus 05 Dev 00)PCI RAID Adapter |
| UNIGEN PHF16H0CM1-DTE PMAP |
| Cisco vKVM-Mapped vHDD1.22 |
| Cisco CIMC-Mapped vHDD1.22 |
| Cisco vKVM-Mapped vDVD1.22 |
| Cisco CIMC-Mapped vDVD1.22 |
| Cisco vKVM-Mapped vFDD1.22 |
| UEFI: Built-in EFI Shell |
| IBA GE Slot 0100 v1585 |
| IBA GE Slot 0101 v1585 |
| Enter Setup |
|------------------------------------|
| ^ and v to move selection |
| ENTER to select boot device |
| ESC to boot using defaults |
\------------------------------------/
You might also have to enter the BIOS password. The default password is password.
You can track the status of the process by going to Tools > Stats in the KVM console.
Enter the options for the initial setup, such as fabric name, number of controllers, tunnel endpoint address pool, and
infra VLAN ID to complete the installation process.
APIC-01
The following is a sample of the initial setup dialog as displayed on the console:
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
*Note: setup is mainly used for configuring the system initially,

when no configuration is present. So setup always assumes system
defaults and not the current system configuration values.
Press Enter at anytime to assume the default values. Use ctrl-d

at anytime to restart from the beginning.
Cluster configuration ...

Enter the fabric name [ACI Fabric1]: RAJ-JAI-VKI
Enter the fabric ID (1-128) [1]:
Enter the number of active controllers in the fabric (1-9) [3]:
Enter the POD ID (1-9) [1]:
Is this a standby controller? [NO]:
Enter the controller ID (1-3) [1]: 1

Enter the controller name [apic1]: RAJ-JAI-VKI-APIC-01
Enter address pool for TEP addresses [10.0.0.0/16]: 172.16.0.0/16
Note: The infra VLAN ID should not be used elsewhere in your environment
and should not overlap with any other reserved VLANs on other platforms.
Enter the VLAN ID for infra network (2-4094): 4093
Enter address pool for BD multicast addresses (GIPO) [225.0.0.0/15]:
Out-of-band management configuration ...

Enable IPv6 for Out of Band Mgmt Interface? [N]:
Enter the IPv6 address [2001:420:28e:2020:0:ffff:ac1f:88e6/64]: 2401:4900:0024:0900:0:0:0:0706/123
Enter the IPv6 address of the default gateway [2001:420:28e:2020:acc:68ff:fe28:b540]:
2401:4900:0024:0900:0:0:0:0701
Enter the IPv4 address [192.168.10.1/24]: 172.16.192.6/28

Enter the IPv4 address of the default gateway [None]: 172.16.192.1
Enter the interface speed/duplex mode [auto]:
admin user configuration ...

Enable strong passwords? [Y]:
Enter the password for admin:
Reenter the password for admin:

Fabric name: RAJ-JAI-VKI
Fabric ID: 1
Number of controllers: 3
Controller name: RAJ-JAI-VKI-APIC-01
POD ID: 1
Controller ID: 1
TEP address pool: 172.16.0.0/16
Infra VLAN ID: 4093
Multicast address pool: 225.0.0.0/15

Management IP address: 172.25.192.6/28
Default gateway: 172.25.192.1
Interface speed/duplex mode: auto

Strong Passwords: Y
User name: admin
Password: ********
The above configuration will be applied ...
Warning: TEP address pool and Infra VLAN ID cannot be changed later,
these are permanent until the fabric is wiped.
Would you like to edit the configuration? (y/n) [n]:
bootstrap:reboot_setup Setup done during reboot
Configuring network...
APIC-02
of the system.



Enter the fabric name [RAJ-JAI-VKI]:
Enter the controller ID (1-3) [2]:
Standalone APIC Cluster ? yes/no [no]:
Enter the controller name [RAJ-JAI-AP]: RAJ-JAI-VKI-APIC-02
Enter the VLAN ID for infra network (1-4094) [1]: 4093

Enable IPv6 for Out of Band Mgmt Interface? [N]: Y
Enter the IPv6 address [2001:420:28e:2020:0:ffff:ac1f:88e6/64]: 2401:4900:0024:0900:0:0:0:0785/123
2401:4900:0024:0900:0:0:0:0781
Enable IPv4 also for Out of Band Mgmt Interface? [Y]:

This is not the first controller in the cluster.
The admin password only needs to be configured on
the first controller in the cluster. The local user
database will be synchronized to this controller
when this controller has joined the cluster.
Fabric ID: 1
POD ID: 1
Controller ID: 2
Infra VLAN ID: 4093


The admin user configuration will be syncronized
from the first controller after this controller
joins the cluster.
APIC-03
of the system.



Enter the fabric name [ACI Fabric1]: RAJ-JAI-VKI
Enter the controller ID (1-3) [1]: 3
Standalone APIC Cluster ? yes/no [no]:
Enter the controller name [apic3]: RAJ-JAI-VKI-APIC-03
Enter the VLAN ID for infra network (1-4094) [1]: 4093
Enable IPv6 for Out of Band Mgmt Interface? [N]: Y
Enter the IPv6 address [2001:420:28e:2020:0:ffff:ac1f:88e6/64]: 2401:4900:0024:0900:0:0:0:07a7/123
2401:4900:0024:0900:0:0:0:07a1
Enable IPv4 also for Out of Band Mgmt Interface? [Y]:

This is not the first controller in the cluster.
The admin password only needs to be configured on
the first controller in the cluster. The local user
database will be synchronized to this controller
when this controller has joined the cluster.
Fabric ID: 1
POD ID: 1
Controller ID: 3
Infra VLAN ID: 4093


The admin user configuration will be syncronized
from the first controller after this controller
joins the cluster.
Verification:
Replica vector (RV) : Vector of shard, replica with state. Leader for each shard.
RAJ-JAI-VKI-APIC-01# acidiag rvread

\- unexpected state; /-unexpected mutator;
s-> 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32lcl
r->123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123lcl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Replicas are in expected states and are mutated by proper apic's
---------------------------------------------
clusterTime=<diff=288735 common=2021-10-15T16:22:43.239+00:00 local=2021-10-15T16:17:54.504+00:00 pF=<displForm=0
offsSt=0 offsVlu=0 lm(t):3(2021-10-14T22:51:20.444+00:00)>>
Replica vector (RV) : Vector of shard, replica with state. Leader for each shard
RAJ-JAI-VKI-APIC-01# acidiag avread

Local appliance ID=1 ADDRESS=172.16.0.1 TEP ADDRESS=172.16.0.0/16 ROUTABLE IP ADDRESS=0.0.0.0 CHASSIS_ID=a24ddbaa-
14cd-11ec-9ae6-010e44fe1224
Cluster of 3 lm(t):1(2021-10-14T22:46:01.312+00:00) appliances (out of targeted 3 lm(t):3(2021-10-
14T22:51:20.551+00:00)) with FABRIC_DOMAIN name=RAJ-JAI-VKI set to version=apic-5.2(2f) lm(t):3(2021-10-
14T22:51:37.880+00:00); discoveryMode=PERMISSIVE lm(t):0(1970-01-01T00:00:00.001+00:00); drrMode=OFF lm(t):0(1970-01-
01T00:00:00.001+00:00); kafkaMode=OFF lm(t):0(1970-01-01T00:00:00.001+00:00)
appliance id=1 address=172.16.0.1 lm(t):1(2021-09-23T05:47:55.682+00:00) tep address=172.16.0.0/16
lm(t):1(2021-09-23T05:47:55.682+00:00) routable address=0.0.0.0 lm(t):1(zeroTime) oob address=172.25.192.6/28
lm(t):1(2021-09-23T05:47:59.727+00:00) version=5.2(2f) lm(t):1(2021-10-14T22:50:50.264+00:00) chassisId=a24ddbaa-14cd-
11ec-9ae6-010e44fe1224 lm(t):1(2021-10-14T22:50:50.264+00:00) capabilities=0X7EEFFFFFFFFF--0X2020--0X7 lm(t):1(2021-
10-14T22:50:50.264+00:00) rK=(stable,present,0X206173722D687373) lm(t):1(2021-09-23T05:47:59.736+00:00)
aK=(stable,present,0X206173722D687373) lm(t):1(2021-09-23T05:47:59.736+00:00)
oobrK=(stable,present,0X206173722D687373) lm(t):1(2021-09-23T05:47:59.736+00:00)
oobaK=(stable,present,0X206173722D687373) lm(t):1(2021-09-23T05:47:59.736+00:00) cntrlSbst=(APPROVED, WZP25220PLP)
lm(t):1(2021-10-14T22:50:50.264+00:00) (targetMbSn= lm(t):0(zeroTime), failoverStatus=0 lm(t):0(zeroTime)) podId=1
lm(t):1(2021-09-23T05:47:55.682+00:00) commissioned=YES lm(t):1(zeroTime) registered=YES lm(t):1(2021-09-
23T05:47:55.682+00:00) standby=NO lm(t):1(2021-09-23T05:47:55.682+00:00) DRR=NO lm(t):0(zeroTime) apicX=NO
lm(t):1(2021-09-23T05:47:55.682+00:00) virtual=NO lm(t):1(2021-09-23T05:47:55.682+00:00) active=YES(2021-09-
23T05:47:55.682+00:00) health=(applnc:255 lm(t):1(2021-10-14T22:52:07.800+00:00) svc's)
lm(t):1(2021-10-14T22:50:51.129+00:00) version=5.2(2f) lm(t):2(2021-10-14T22:50:50.375+00:00) chassisId=7595f548-2d37-
11ec-ab2d-718a7c50fe16 lm(t):2(2021-10-14T22:50:50.375+00:00) capabilities=0X7EEFFFFFFFFF--0X2020--0X2 lm(t):2(2021-
oobaK=(stable,present,0X206173722D687373) lm(t):1(2021-10-14T22:50:51.129+00:00) cntrlSbst=(APPROVED, WZP24200748)
lm(t):85(2021-10-14T22:42:32.320+00:00) commissioned=YES lm(t):3(2021-10-14T22:48:00.951+00:00) registered=YES
lm(t):3(2021-10-14T22:48:00.951+00:00) standby=NO lm(t):85(2021-10-14T22:42:32.320+00:00) DRR=NO lm(t):1(2021-10-
14T22:48:00.951+00:00) apicX=NO lm(t):85(2021-10-14T22:42:32.320+00:00) virtual=NO lm(t):0(zeroTime) active=YES(2021-
10-14T22:50:50.227+00:00) health=(applnc:255 lm(t):2(2021-10-14T22:52:07.656+00:00) svc's)
lm(t):1(2021-10-14T22:50:51.147+00:00) version=5.2(2f) lm(t):3(2021-10-14T22:50:50.477+00:00) chassisId=be8a8d2a-2d39-
11ec-b218-47cccc6d132d lm(t):3(2021-10-14T22:50:50.477+00:00) capabilities=0X7EEFFFFFFFFF--0X2020--0X4 lm(t):3(2021-
oobaK=(stable,present,0X206173722D687373) lm(t):1(2021-10-14T22:50:51.147+00:00) cntrlSbst=(APPROVED, WMP2446006R)
lm(t):88(2021-10-14T22:45:18.940+00:00) commissioned=YES lm(t):2(2021-10-14T22:46:01.327+00:00) registered=YES
lm(t):2(2021-10-14T22:46:01.328+00:00) standby=NO lm(t):88(2021-10-14T22:45:18.940+00:00) DRR=NO lm(t):2(2021-10-
14T22:46:01.327+00:00) apicX=NO lm(t):88(2021-10-14T22:45:18.940+00:00) virtual=NO lm(t):0(zeroTime) active=YES(2021-
10-14T22:50:50.250+00:00) health=(applnc:255 lm(t):3(2021-10-14T22:52:07.772+00:00) svc's)
---------------------------------------------
clusterTime=<diff=288736 common=2021-10-14T22:53:08.207+00:00 local=2021-10-14T22:48:19.471+00:00 pF=<displForm=0
offsSt=0 offsVlu=0 lm(t):3(2021-10-14T22:51:20.444+00:00)>>
---------------------------------------------
Fabric node vector (FNV) : Vector of switch nodes with address, state
RAJ-JAI-VKI-APIC-01# acidiag fnvread

ID Pod ID Name Serial Number IP Address Role State LastUpdMsgId
--------------------------------------------------------------------------------------------------------------
1101 1 RAJ-JAI-VKI-ACI-LEAF FDO25270WHT 172.16.96.64/32 leaf active 0
1102 1 RAJ-JAI-VKI-ACI-LEAF FDO252710NZ 172.16.96.67/32 leaf active 0
1103 1 RAJ-JAI-VKI-ACI-LEAF FDO25270H2Z 172.16.96.69/32 leaf active 0
1104 1 RAJ-JAI-VKI-ACI-LEAF FDO25270H16 172.16.96.71/32 leaf active 0
1105 1 RAJ-JAI-VKI-ACI-LEAF FDO252710WA 172.16.96.72/32 leaf active 0
1106 1 RAJ-JAI-VKI-ACI-LEAF FDO25270WLL 172.16.96.73/32 leaf active 0
1107 1 RAJ-JAI-VKI-ACI-LEAF FDO25270WJ0 172.16.96.75/32 leaf active 0
1108 1 RAJ-JAI-VKI-ACI-LEAF FDO25270H3X 172.16.96.76/32 leaf active 0
1109 1 RAJ-JAI-VKI-ACI-LEAF FDO25270H1Y 172.16.96.78/32 leaf active 0
1110 1 RAJ-JAI-VKI-ACI-LEAF FDO252711MQ 172.16.96.77/32 leaf active 0
1111 1 RAJ-JAI-VKI-ACI-LEAF FDO252711MN 172.16.96.79/32 leaf active 0
1112 1 RAJ-JAI-VKI-ACI-LEAF FDO252711N0 172.16.96.80/32 leaf active 0
1201 1 RAJ-JAI-VKI-ACI-SPIN FDO25230040 172.16.96.68/32 spine active 0
1202 1 RAJ-JAI-VKI-ACI-SPIN FDO2523002V 172.16.96.65/32 spine active 0
1301 1 RAJ-JAI-VKI-MPLS-ACI FDO252710QJ 172.16.96.81/32 leaf active 0
1302 1 RAJ-JAI-VKI-MPLS-ACI FDO25270WN9 172.16.96.70/32 leaf active 0
1303 1 RAJ-JAI-VKI-ISP-ACI- FDO25270WJB 172.16.96.66/32 leaf active 0
1304 1 RAJ-JAI-VKI-ISP-ACI- FDO25270H4N 172.16.96.74/32 leaf active 0
Total 18 nodes
RAJ-JAI-VKI-APIC-01# show controller

Fabric Name : RAJ-JAI-VKI
Operational Size : 3
Cluster Size : 3
Time Difference : 288735
Fabric Security Mode : PERMISSIVE
ID Pod Address In-Band IPv4 In-Band IPv6 OOB IPv4 OOB IPv6
Version Flags Serial Number Health
---- ---- --------------- --------------- ------------------------- --------------- ---------------------------

--- ------------------ ----- ---------------- -------------
-----
1* 1 172.16.0.1 0.0.0.0 fc00::1 172.25.192.6 2401:4900:24:900::706/123
5.2(2f) crva- WZP25220PLP fully-fit
2 1 172.16.0.2 0.0.0.0 fc00::1 172.25.192.69 2401:4900:24:900::785/123

5.2(2f) crva- WZP24200748 fully-fit
3 1 172.16.0.3 0.0.0.0 fc00::1 172.25.192.87 2401:4900:24:900::7a7/123

5.2(2f) crva- WMP2446006R fully-fit
Flags - c:Commissioned | r:Registered | v:Valid Certificate | a:Approved | f/s:Failover fail/success

(*)Current (~)Standby (+)AS
RAJ-JAI-VKI-APIC-01# show controller detail

ID : 1*
Name : RAJ-JAI-VKI-APIC-01
UUID : a24ddbaa-14cd-11ec-9ae6-010e44fe1224
Pod ID : 1
Address : 172.16.0.1
In-Band IPv4 Address : 0.0.0.0
In-Band IPv6 Address : fc00::1
OOB IPv4 Address : 172.25.192.6
OOB IPv6 Address : 2401:4900:24:900::706/123
Serial Number : WZP25220PLP
Version : 5.2(2f)
Commissioned : YES
Registered : YES
Approved : APPROVED
Valid Certificate : yes
Validity End : 2029-05-14T20:25:41.000+00:00
Up Time : 21:17:09:54.000
Health : fully-fit
Failover Status : 0
ID : 2
UUID : 7595f548-2d37-11ec-ab2d-718a7c50fe16
Pod ID : 1
Address : 172.16.0.2
OOB IPv6 Address : 2401:4900:24:900::785/123
Serial Number : WZP24200748
Version : 5.2(2f)
Commissioned : YES
Registered : YES
Approved : APPROVED
Validity End : 2029-05-14T20:25:41.000+00:00
Up Time : 00:01:23:42.000
Health : fully-fit
Failover Status : 0
ID : 3
UUID : be8a8d2a-2d39-11ec-b218-47cccc6d132d
Pod ID : 1
Address : 172.16.0.3
OOB IPv6 Address : 2401:4900:24:900::7a7/123
Serial Number : WMP2446006R
Version : 5.2(2f)
Commissioned : YES
Registered : YES
Approved : APPROVED
Validity End : 2029-05-14T20:25:41.000+00:00
Up Time : 00:01:14:04.000
Health : fully-fit
Failover Status : 0
RAJ-JAI-VKI-APIC-01# show versions

Role Pod Node Name Version
---------- ---------- ---------- ------------------------ --------------------
controller 1 1 RAJ-JAI-VKI-APIC-01 5.2(2f)
leaf 1 1101 RAJ-JAI-VKI-ACI-LEAF-01 n9000-15.2(2f)
spine 1 1201 RAJ-JAI-VKI-ACI-SPINE-01 n9000-15.2(2f)
spine 1 1202 RAJ-JAI-VKI-ACI-SPINE-02 n9000-15.2(2f)
leaf 1 1301 RAJ-JAI-VKI-MPLS-ACI- n9000-15.2(2f)
BLEAF-01
leaf 1 1302 RAJ-JAI-VKI-MPLS-ACI- n9000-15.2(2f)
BLEAF-02
leaf 1 1303 RAJ-JAI-VKI-ISP-ACI- n9000-15.2(2f)
BLEAF-01
leaf 1 1304 RAJ-JAI-VKI-ISP-ACI- n9000-15.2(2f)
BLEAF-02
RAJ-JAI-VKI-APIC-01# acidiag verifyapic

openssl_check: certificate details
subject= CN=WZP25220PLP,serialNumber=PID:APIC-SERVER-L3 SN:WZP25220PLP
issuer= CN=Cisco Manufacturing CA,O=Cisco Systems
notBefore=Jul 1 03:55:29 2021 GMT
notAfter=May 14 20:25:41 2029 GMT
openssl_check: passed
openssl_check: certificate details
subject= /serialNumber=PID:APIC-SERVER-L3 SN:WZP25220PLP/CN=WZP25220PLP
Cert Type: APIC Cert
apic_cert_format_check: passed
ssh_check: passed
all_checks: passed
RAJ-JAI-VKI-APIC-01# acidiag run lldptool in eth2-1

Chassis ID TLV
MAC: d4:77:98:6c:da:3a
Port ID TLV
Local: Eth1/30
Time to Live TLV
120
Port Description TLV
topology/pod-1/paths-1101/pathep-[eth1/30]
System Name TLV
RAJ-JAI-VKI-ACI-LEAF-01
System Description TLV
topology/pod-1/node-1101
System Capabilities TLV
System capabilities: Bridge, Router
Enabled capabilities: Bridge, Router
Management Address TLV
IPv4: 172.25.192.3
Ifindex: 83886080
Cisco 4-wire Power-via-MDI TLV
4-Pair PoE supported
Spare pair Detection/Classification not required
PD Spare pair Desired State: Disabled
PSE Spare pair Operational State: Disabled
Cisco Port Role TLV
4
Cisco Port Mode TLV
0
Cisco Port State TLV
1
Cisco Name TLV
RAJ-JAI-VKI-ACI-LEAF-01
Cisco Serial Number TLV
FDO25270WHT
Cisco Model TLV
N9K-C9336C-FX2
Cisco Firmware Version TLV
n9000-15.2(2f)
Cisco Fabric Name TLV
RAJ-JAI-VKI
Cisco Node Role TLV
1
Cisco Infra VLAN TLV
4093
Cisco POD ID TLV
1
Cisco Node ID TLV
1101
Cisco Node IP TLV
IPv4:172.16.96.64
Cisco Appliance Vector TLV
Id: 1
IPv4: 172.16.0.1
UUID: a24ddbaa-14cd-11ec-9ae6-010e44fe1224
Id: 2
IPv4: 172.16.0.2
UUID: 7595f548-2d37-11ec-ab2d-718a7c50fe16
Id: 3
IPv4: 172.16.0.3
UUID: be8a8d2a-2d39-11ec-b218-47cccc6d132d
LLDP-MED Capabilities TLV
Device Type: netcon
Capabilities: LLDP-MED, Network Policy, Extended Power via MDI-PSE
LLDP-MED Network Policy TLV
01400000
End of LLDPDU TLV
RAJ-JAI-VKI-APIC-01# acidiag run lldptool out eth2-1

Chassis ID TLV
MAC: 4c:5d:3c:6b:ad:ac
Port ID TLV
MAC: 4c:5d:3c:6b:ad:ac
Time to Live TLV
120
Port Description TLV
eth2-1
System Name TLV
RAJ-JAI-VKI-APIC-01
System Description TLV
topology/pod-1/node-1
Management Address TLV
IPv4: 172.16.0.1
Ifindex: 2
Cisco Port State TLV
1
Cisco Node Role TLV
0
Cisco Node ID TLV
1
Cisco POD ID TLV
1
Cisco Fabric Name TLV
RAJ-JAI-VKI
Cisco Appliance Vector TLV
Id: 1
IPv4: 172.16.0.1
UUID: a24ddbaa-14cd-11ec-9ae6-010e44fe1224
Cisco Node IP TLV
IPv4:172.16.0.1
Cisco Port Role TLV
1
Cisco Infra VLAN TLV
4093
Cisco Serial Number TLV
WZP25220PLP
Cisco Authentication Cookie TLV
1357274098
Cisco Standby APIC TLV
0
End of LLDPDU TLV
Performing a Clean Initialization of the ACI Fabric
RAJ-JAI-VKI-APIC-02 login: rescue-user
********************************************************************************
Fabric discovery in progress, show commands are not fully functional
Logout and Login after discovery to continue to use show commands.
********************************************************************************
RAJ-JAI-VKI-APIC-02# acidiag touch clean
This command will wipe out this device, Proceed? [y/N] y
RAJ-JAI-VKI-APIC-02# acidiag touch setup
This command will reset the device configuration, Proceed? [y/N] y
RAJ-JAI-VKI-APIC-02# acidiag reboot
This command will restart this device, Proceed? [y/N] y
[ OK ] Started Show Plymouth Reboot Screen.
lldpad.bin[19673]: Eloop terminated. Exiting
RAJ-JAI-VKI-APIC-02 login: admin

Password:
Last login: 2021-10-14T21:06:35.000+00:00 UTC
RAJ-JAI-VKI-APIC-02# acidiag tou
Command entered is not APIC NX-OS style CLI.Trying shell command…
RAJ-JAI-VKI-APIC-02# acidiag touch clean

This command will wipe out this device, Proceed? [y/N] y
RAJ-JAI-VKI-APIC-02# acidiag touch setup
This command will reset the device configuration, Proceed? [y/N] y
RAJ-JAI-VKI-APIC-02# acidiag reboot
This command will restart this device, Proceed? [y/N] y
acidiag touch clean

acidiag touch setup
acidiag reboot
Note Ignore this error: acidiag: error: curl: (52) Empty reply from server.
The fabric is now clean rebooted, but the nodes are not discovered. You can now post node policies, register the
switches using the UI, or import a configuration backup.

Cisco APIC Installation and ACI Upgrade and Downgrade Guide - Ravi K

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco APIC Installation and ACI Upgrade and Downgrade Guide - Ravi K

Uploaded by

Copyright:

Available Formats

Installing Cisco APIC Software Using Virtual Media

• Upgrade the Cisco Integrated Management Controller (CIMC) software, if necessary.

C:\Users\hethakur\Downloads>certutil -hashfile aci-apic-dk9.5.2.2f.iso MD5

• Access the CIMC web interface for the controller.

Step 2 Copy the .iso image to the Jump server.

Step 3 Access the KVM console:

a. From a terminal window, log in to the CIMC console:

Where cimc_ip is the CIMC IP address. For example:

Cisco Systems, Inc.

*Note: setup is mainly used for configuring the system initially,

Press Enter at anytime to assume the default values. Use ctrl-d

Cluster configuration ...

Enter the controller ID (1-3) [1]: 1

Out-of-band management configuration ...

Enter the IPv4 address [192.168.10.1/24]: 172.16.192.6/28

admin user configuration ...

Reenter the password for admin:

Cluster configuration ...

Out-of-band management configuration ...

admin user configuration ...

The above configuration will be applied ...

Would you like to edit the configuration? (y/n) [n]:

bootstrap:reboot_setup Setup done during reboot

*Note: setup is mainly used for configuring the system initially,

Press Enter at anytime to assume the default values. Use ctrl-d

Cluster configuration ...

Out-of-band management configuration ...

admin user configuration ...

Out-of-band management configuration ...

admin user configuration ...

The above configuration will be applied ...

Would you like to edit the configuration? (y/n) [n]:

bootstrap:reboot_setup Setup done during reboot

*Note: setup is mainly used for configuring the system initially,

Press Enter at anytime to assume the default values. Use ctrl-d

Cluster configuration ...

admin user configuration ...

Out-of-band management configuration ...

admin user configuration ...

The above configuration will be applied ...

Would you like to edit the configuration? (y/n) [n]:

bootstrap:reboot_setup Setup done during reboot

RAJ-JAI-VKI-APIC-01# acidiag rvread

RAJ-JAI-VKI-APIC-01# acidiag avread

RAJ-JAI-VKI-APIC-01# acidiag fnvread

RAJ-JAI-VKI-APIC-01# show controller

---- ---- --------------- --------------- ------------------------- --------------- ---------------------------

2 1 172.16.0.2 0.0.0.0 fc00::1 172.25.192.69 2401:4900:24:900::785/123

3 1 172.16.0.3 0.0.0.0 fc00::1 172.25.192.87 2401:4900:24:900::7a7/123

Flags - c:Commissioned | r:Registered | v:Valid Certificate | a:Approved | f/s:Failover fail/success

RAJ-JAI-VKI-APIC-01# show controller detail

RAJ-JAI-VKI-APIC-01# show versions

RAJ-JAI-VKI-APIC-01# acidiag verifyapic

RAJ-JAI-VKI-APIC-01# acidiag run lldptool in eth2-1

RAJ-JAI-VKI-APIC-01# acidiag run lldptool out eth2-1

Fabric discovery in progress, show commands are not fully functional

Logout and Login after discovery to continue to use show commands.

RAJ-JAI-VKI-APIC-02# acidiag touch clean

This command will wipe out this device, Proceed? [y/N] y

RAJ-JAI-VKI-APIC-02# acidiag touch setup

This command will reset the device configuration, Proceed? [y/N] y