aci pre-upgrade validation script on APIC Fabric via cli command

Home » Blog » Switching » Software-Defined » aci application centric infrastructure » ACI DESIGN » upgrade software » aci pre-upgrade validation script on APIC Fabric via cli command

aci pre-upgrade validation script on APIC Fabric via cli command

25.02 2022 | by massimiliano

Procedura di applicazione aci pre-upgrade validation script su APIC Cisco via cli command   apic1# bash   aci@apic1:->  cd /data/techsupport   […]



Procedura di applicazione aci pre-upgrade validation script su APIC Cisco via cli command

 

apic1# bash

 

aci@apic1:->  cd /data/techsupport

 

aci@apic1:techsupport > dir

 

aci@apic1:techsupport > vi aci-preupgrade-validation-script.py

 

digita i per insert file

 

copia il seguente contenuto

 

aci-preupgrade-validation.txt

 

digita :wq per salvare il contenuto ed uscire da vi

 

digita chmode 755 aci-preupgrade-validation-script.py per i corretti permessi

 

aci@apic1:techsupport > dir

aci-preupgrade-validation-script.py

 

aci@apic1:techsupport > python aci-preupgrade-validation-script.py

 

Enter username for APIC logic                :  <username >

 

Enter password for corresponding User  :  <password>

 

Checking current APIC version (switch nodes are assumed to be on the same version) .. 4.2(4i)

 

Gathering APIC Version for Firware Repository …

 

[1]: aci-apic-dk9.4.2.3l.bin

[2]: aci-apic-dk9.4.2.4i.bin

 

What is the target Version ?          : 2

 

 You have chosen  “aci-apic-dk9.4.2.4i.bin”

 

 

 

[Check 1/37] APIC Target version image and MD5 hash…
Checking apic1…… DONE
Checking apic2…… DONE
Checking apic3…… DONE
PASS
[Check 2/37] Target version compatibility… PASS
[Check 3/37] Gen 1 switch compatibility… PASS
[Check 4/37] Remote Leaf Compatibility… No Remote Leaf Found N/A
[Check 5/37] APIC CIMC Compatibility… PASS
[Check 6/37] APIC Cluster is Fully-Fit… PASS
[Check 7/37] Switches are all in Active state… PASS
[Check 8/37] NTP Status… FAIL – UPGRADE FAILURE!!
Pod-ID Node-ID Recommended Action

  • —– ——- ——————

1 1 Not Synchronized. Check NTP config and NTP server reachability.
1 101 Not Synchronized. Check NTP config and NTP server reachability.
1 102 Not Synchronized. Check NTP config and NTP server reachability.
1 103 Not Synchronized. Check NTP config and NTP server reachability.
1 104 Not Synchronized. Check NTP config and NTP server reachability.
1 2 Not Synchronized. Check NTP config and NTP server reachability.
1 201 Not Synchronized. Check NTP config and NTP server reachability.
1 202 Not Synchronized. Check NTP config and NTP server reachability.
1 3 Not Synchronized. Check NTP config and NTP server reachability.

[Check 9/37] Firmware/Maintenance Groups when crossing 4.0 Release… Versions not applicable N/A
[Check 10/37] Features that need to be Disabled prior to Upgrade… FAIL – OUTAGE WARNING!!
Feature Name Status Recommended Action

  • —— —- —— ——————

App Center ELAM Assistant active Disable the app

[Check 11/37] Switch Upgrade Group Guidelines… PASS
[Check 12/37] APIC Disk Space Usage (F1527, F1528, F1529 equipment-full)… PASS
[Check 13/37] Switch Node /bootflash usage… all below 50% PASS
[Check 14/37] Standby APIC Disk Space Usage… No standby APIC found N/A
[Check 15/37] APIC SSD Health (F2731 equipment-wearout)… PASS
[Check 16/37] Switch SSD Health (F3073, F3074 equipment-flash-warning)… PASS
[Check 17/37] Config On APIC Connected Port (F0467 port-configured-for-apic)… PASS
[Check 18/37] L3 Port Config (F0467 port-configured-as-l2)… PASS
[Check 19/37] L2 Port Config (F0467 port-configured-as-l3)… PASS
[Check 20/37] L3Out Subnets (F0467 prefix-entry-already-in-use)… PASS
[Check 21/37] BD Subnets (F1425 subnet-overlap)… PASS
[Check 22/37] BD Subnets (F0469 duplicate-subnets-within-ctx)… PASS
[Check 23/37] VMM Domain Controller Status… No VMM Domains Found N/A
[Check 24/37] VMM Domain LLDP/CDP Adjacency Status… No LLDP/CDP Adjacency Failed Faults Found PASS
[Check 25/37] Different infra VLAN via LLDP (F0454 infra-vlan-mismatch)… PASS
[Check 26/37] HW Programming Failure (F3544 L3Out Prefixes, F3545 Contracts, actrl-resource-unavailable)… PASS
[Check 27/37] Scalability (faults related to Capacity Dashboard)… PASS
[Check 28/37] VPC-paired Leaf switches… PASS
[Check 29/37] Overlapping VLAN Pools… PASS
[Check 30/37] VNID Mismatch… PASS
[Check 31/37] L3Out MTU… Verify that these MTUs match with connected devices MANUAL CHECK REQUIRED
Tenant L3Out Node Profile Logical Interface Profile Pod Node Interface Type IP Address MTU

  • —– —– ———— ————————- — —- ——— —- ———- —

common AD1056 AD1056nodeProfile AD1056_vpcIpv4 1 103-104 CHECK-POINT-A ext-svi 0.0.0.0 1500
common AD1056 AD1056nodeProfile AD1056_vpcIpv4 1 103-104 CHECK-POINT-B ext-svi 0.0.0.0 inherit (9000)
common COLLAUDO-1060 COLLAUDO-1060nodeProfile COLLAUDO-1060vpcIpv4 1 101-102 F5-1-COLLAUDO ext-svi 0.0.0.0 1500
common COLLAUDO-1060 COLLAUDO-1060nodeProfile COLLAUDO-1060vpcIpv4 1 101-102 F5-2-COLLAUDO ext-svi 0.0.0.0 inherit (9000)

[Check 32/37] BGP Peer Profile at node level without Loopback… PASS
[Check 33/37] L3Out Route Map import/export direction… PASS
[Check 34/37] Intersight Device Connector upgrade status… Intersight Device Connector not responding N/A
[Check 35/37] EP Announce Compatibility… PASS
[Check 36/37] Eventmgr DB size defect susceptibility… PASS
[Check 37/37] Contract Port 22 Defect Check… PASS

=== Summary Result ===

PASS : 29
FAIL – OUTAGE WARNING!! : 1
FAIL – UPGRADE FAILURE!! : 1
MANUAL CHECK REQUIRED : 1
N/A : 5
ERROR !! : 0
TOTAL : 37

Pre-Upgrade Check Complete.
Next Steps: Address all checks flagged as FAIL, ERROR or MANUAL CHECK REQUIRED

Result output and debug info saved to below bundle for later reference.
Attach this bundle to Cisco TAC SRs opened to address the flagged checks.

Result Bundle: /data/techsupport/preupgradevalidator2022-02-25T07-40-51+0000.tgz

admin@apic1:techsupport>;

 

 

In caso ad esempio di overlapping vlan avremmo la seguente condizione indicata dallo script:

 

[Check 29/37] Overlapping VLAN Pools…                                                                            FAIL – OUTAGE WARNING!!

  Tenant  AP                 EPG   VLAN Pool (Domain) 1                                               VLAN Pool (Domain) 2                                               Recommended Action
  ——  —                 —   ——————–                                               ——————–                                               ——————
  common  AD                 104   CHECK-POINT (CHECK-POINT)                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  AD                 104   CHECK-POINT (CHECK-POINT)                                          UCS (UCS)                                                          Resolve overlapping VLANs between these two VLAN pools
  common  AD                 104   UCS (UCS)                                                             BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
   common  AD                 105   CHECK-POINT (CHECK-POINT)                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  AD                 105   CHECK-POINT (CHECK-POINT)                                          UCS (UCS)                                                          Resolve overlapping VLANs between these two VLAN pools
  common  AD                 105   UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1303  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1308  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1310  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1311  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1312  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1401  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1403  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1430  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            1630  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
  common  DR-TEST            2201  UCS (UCS)                                                          BRIDGE-NK5-NEW (BRIDGE-N5K)                                        Resolve overlapping VLANs between these two VLAN pools
 ….
 ….
 …. 
 
  Reference Document: “Overlapping VLAN Pool” from from Pre-Upgrade Check Lists
[Check 30/37] VNID Mismatch…                                                                                     FAIL – OUTAGE WARNING!!
  EPG                                    Access Encap  Node ID  Fabric Encap
  —                                    ————  ——-  ————
  uni/tn-common/ap-AD/epg-104            vlan-104      101      vxlan-16695
  uni/tn-common/ap-AD/epg-104            vlan-104      102      vxlan-16695
  uni/tn-common/ap-AD/epg-104            vlan-104      103      vxlan-18093
  uni/tn-common/ap-AD/epg-104            vlan-104      104      vxlan-18093
  uni/tn-common/ap-AD/epg-105            vlan-105      101      vxlan-16696
  uni/tn-common/ap-AD/epg-105            vlan-105      102      vxlan-16696
  uni/tn-common/ap-AD/epg-105            vlan-105      103      vxlan-18094
  uni/tn-common/ap-AD/epg-105            vlan-105      104      vxlan-18094
  uni/tn-common/ap-BACKUP/epg-401        vlan-401      101      vxlan-21992
  uni/tn-common/ap-BACKUP/epg-401        vlan-401      102      vxlan-21992
  uni/tn-common/ap-BACKUP/epg-401        vlan-401      103      vxlan-21292
  uni/tn-common/ap-BACKUP/epg-401        vlan-401      104      vxlan-21292
  uni/tn-common/ap-BACKUP/epg-430        vlan-430      101      vxlan-36292
  uni/tn-common/ap-BACKUP/epg-430        vlan-430      102      vxlan-36292
  uni/tn-common/ap-BACKUP/epg-430        vlan-430      103      vxlan-32792
  uni/tn-common/ap-BACKUP/epg-430        vlan-430      104      vxlan-32792
  uni/tn-common/ap-DR-TEST/epg-1106      vlan-1106     101      vxlan-13694
  uni/tn-common/ap-DR-TEST/epg-1106      vlan-1106     102      vxlan-13694
  uni/tn-common/ap-DR-TEST/epg-1106      vlan-1106     103      vxlan-23592
  uni/tn-common/ap-DR-TEST/epg-1106      vlan-1106     104      vxlan-23592
  uni/tn-common/ap-DR/epg-304            vlan-304      101      vxlan-12792
  uni/tn-common/ap-DR/epg-304            vlan-304      102      vxlan-12792
  uni/tn-common/ap-DR/epg-304            vlan-304      103      vxlan-9092
  uni/tn-common/ap-DR/epg-304            vlan-304      104      vxlan-9092
  uni/tn-common/ap-default/epg-1004      vlan-1004     101      vxlan-9492
  uni/tn-common/ap-default/epg-1004      vlan-1004     102      vxlan-9492
  uni/tn-common/ap-default/epg-1004      vlan-1004     103      vxlan-11092
  uni/tn-common/ap-default/epg-1004      vlan-1004     104      vxlan-11092
  uni/tn-common/ap-default/epg-101       vlan-101      101      vxlan-8892
  uni/tn-common/ap-default/epg-101       vlan-101      102      vxlan-8892
  uni/tn-common/ap-default/epg-101       vlan-101      103      vxlan-19892
  uni/tn-common/ap-default/epg-101       vlan-101      104      vxlan-19892
  uni/tn-common/ap-default/epg-103       vlan-103      101      vxlan-35992
  uni/tn-common/ap-default/epg-103       vlan-103      102      vxlan-35992
  uni/tn-common/ap-default/epg-103       vlan-103      103      vxlan-12192
  uni/tn-common/ap-default/epg-103       vlan-103      104      vxlan-12192
  uni/tn-common/ap-default/epg-106       vlan-106      101      vxlan-16697
  uni/tn-common/ap-default/epg-106       vlan-106      102      vxlan-16697
  uni/tn-common/ap-default/epg-106       vlan-106      103      vxlan-18095
  uni/tn-common/ap-default/epg-106       vlan-106      104      vxlan-18095
  uni/tn-common/ap-default/epg-1068      vlan-1068     101      vxlan-13892
  uni/tn-common/ap-default/epg-1068      vlan-1068     102      vxlan-13892
  uni/tn-common/ap-default/epg-1068      vlan-1068     103      vxlan-11992
  uni/tn-common/ap-default/epg-1068      vlan-1068     104      vxlan-11992
  uni/tn-common/ap-default/epg-1074      vlan-1074     101      vxlan-33892
  uni/tn-common/ap-default/epg-1074      vlan-1074     102      vxlan-33892
  uni/tn-common/ap-default/epg-1074      vlan-1074     103      vxlan-33692
  uni/tn-common/ap-default/epg-1074      vlan-1074     104      vxlan-33692
  uni/tn-common/ap-default/epg-110       vlan-110      101      vxlan-32992
  uni/tn-common/ap-default/epg-110       vlan-110      102      vxlan-32992
  uni/tn-common/ap-default/epg-110       vlan-110      103      vxlan-23192
  uni/tn-common/ap-default/epg-110       vlan-110      104      vxlan-23192
  uni/tn-common/ap-default/epg-111       vlan-111      101      vxlan-21702
  uni/tn-common/ap-default/epg-111       vlan-111      102      vxlan-21702
  uni/tn-common/ap-default/epg-111       vlan-111      103      vxlan-14992
  uni/tn-common/ap-default/epg-111       vlan-111      104      vxlan-14992
  uni/tn-common/ap-default/epg-201       vlan-201      101      vxlan-9192
  uni/tn-common/ap-default/epg-201       vlan-201      102      vxlan-9192
  uni/tn-common/ap-default/epg-201       vlan-201      103      vxlan-18192
  uni/tn-common/ap-default/epg-201       vlan-201      104      vxlan-18192
  uni/tn-common/ap-default/epg-202       vlan-202      101      vxlan-9692
  uni/tn-common/ap-default/epg-202       vlan-202      102      vxlan-9692
  uni/tn-common/ap-default/epg-202       vlan-202      103      vxlan-18193
  uni/tn-common/ap-default/epg-202       vlan-202      104      vxlan-18193
  uni/tn-common/ap-default/epg-204       vlan-204      101      vxlan-16892
  uni/tn-common/ap-default/epg-204       vlan-204      102      vxlan-16892
  uni/tn-common/ap-default/epg-204       vlan-204      103      vxlan-8992
  uni/tn-common/ap-default/epg-204       vlan-204      104      vxlan-8992
  uni/tn-common/ap-default/epg-205       vlan-205      101      vxlan-16893
  uni/tn-common/ap-default/epg-205       vlan-205      102      vxlan-16893
  uni/tn-common/ap-default/epg-205       vlan-205      103      vxlan-8993
  uni/tn-common/ap-default/epg-205       vlan-205      104      vxlan-8993
  uni/tn-common/ap-default/epg-207       vlan-20       102      vxlan-21611
  uni/tn-common/ap-default/epg-207       vlan-207      101      vxlan-32192
  uni/tn-common/ap-default/epg-207       vlan-207      102      vxlan-21798
  uni/tn-common/ap-default/epg-207       vlan-207      103      vxlan-18392
  ….
  …
  Recommended Action: Remove any domains with overlapping VLAN Pools from above EPGs, then redeploy VLAN
  Reference Document: “Overlapping VLAN Pool” from Pre-Upgrade Check Lists
Torna in alto