Converting from Cisco NX-OS to ACI Boot Mode and from ACI Boot Mode Back to Cisco NX-OS

This chapter describes how to convert a Cisco Nexus 9000 Series switch from Cisco NX-OS to Cisco Application Centric Infrastructure (ACI) boot mode.


Note

If you need to convert the mode of operation from NX-OS to ACI and the NX-OS switch model has only 16G memory, then the switch requires an RAM memory upgrade to support the ACI mode. For more information about upgrading the RAM of such switches, refer to Adding an 8, 16, or 32 Gigabyte DIMM to a Cisco Nexus 9000 Series Switch.

This chapter contains the following sections:

Converting to ACI Boot Mode

You can convert any Cisco Nexus 9000 Series switch from Cisco NX-OS to ACI boot mode.


Note

When converting any switch from NX-OS (standalone) to ACI boot mode, you can delete the NX-OS image from the bootflash to save space.

Before you begin

Verify whether your switch hardware is supported in ACI boot mode by checking the "Supported Hardware" section of the Release Notes for Cisco Nexus 9000 Series ACI-Mode Switches. For example, line cards are not compatible between Cisco NX-OS and ACI boot mode.

Remove or turn off any unsupported modules (using the poweroff module module command). Otherwise, the software uses a recovery/retry mechanism before powering down the unsupported modules, which can cause delays in the conversion process.

For dual-supervisor systems, use the show module command to make sure that the standby supervisor module is in the ha-standby state.

Verify that the Application Policy Infrastructure Controller (APIC) is running Release 1.0(2j) or a later release.

Make sure that the ACI image is 11.0(2x) or a later release.

Use the show install all impact epld epld-image-name command to verify that the switch does not require any EPLD image upgrades. If any upgrades are required, follow the instructions in the Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes.

SUMMARY STEPS

  1. Verify that the switch is running the latest release.
  2. Follow these steps to copy the ACI image from the APIC:
  3. Follow these steps to boot to the ACI image:
  4. Verify whether you must install certificates for your device.

DETAILED STEPS

Step 1

Verify that the switch is running the latest release.

Example:

switch(config)# show version

Cisco NX-OS filenames begin with "nxos".

Step 2

Follow these steps to copy the ACI image from the APIC:

  1. Set the IP address on the mgmt0 interface of the switch to allow connectivity between this interface and the APIC.

  2. Enable SCP services on the switch.

    Example:

    switch(config)# feature scp-server

  3. From the APIC CLI, use SCP to copy the firmware image from the APIC to the active supervisor module on the switch.

    Example:

    admin@apic1:aci> scp -r /firmware/fwrepos/fwrepo/switch-image-name admin@switch-ip-address:switch-image-name

  4. For dual-supervisor systems, copy the ACI image to the standby supervisor module.

    Example:

    switch(config)# copy bootflash:aci-image bootflash://sup-standby/

Step 3

Follow these steps to boot to the ACI image:

  1. Configure the switch to not boot from Cisco NX-OS.

    Example:

    switch(config)# no boot nxos

  2. Save the configuration.

    Example:

    switch(config)# copy running-config startup-config

    Note

     

    You must run the copy running-config startup-config command prior to booting the ACI image. Do not run it after you enter the boot aci command.

  3. Boot the active and standby supervisor modules with the ACI image.

    Example:

    switch(config)# boot aci bootflash:aci-image-name

    Caution

     

    Do not enter the copy running-config startup-config command after the boot aci command. If you do, the switch will go to the loader> prompt.

  4. Verify the integrity of the file by displaying the MD5 checksum.

    Example:

    switch(config)# show file bootflash:aci-image-name md5sum

  5. Reload the switch.

    Example:

    switch(config)# reload

  6. Log in to the switch as an administrator.

    Example:

    Login: admin

Step 4

Verify whether you must install certificates for your device.

Example:

admin@apic1:aci> openssl asn1parse -in /securedata/ssl/server.crt

Look for PRINTABLESTRING in the command output. If "Cisco Manufacturing CA" is listed, the correct certificates are installed. If something else is listed, contact TAC to generate and install the correct certificates for your device.

Note

 

You might need to install certificates for Cisco Nexus 9000 Series switches that were shipped prior to May 2014.

To run this command, contact TAC.

What to do next

See the ACI and APIC documentation to configure and operate your switch in ACI mode: http://www.cisco.com/c/en/us/support/cloud-systems-management/application-policy-infrastructure-controller-apic/tsd-products-support-series-home.html.

Converting a Replacement Standby Supervisor to ACI Boot Mode

If you ever need to replace the standby supervisor module in a dual-supervisor system, you will need to copy and boot the ACI image for use with the replacement standby supervisor.

Before you begin

Copy the ACI image to a USB drive.

Procedure

Step 1

Reload the switch.

Example:

switch# reload

Step 2

Enter a break sequence (Ctrl-C or Ctrl-]) during the initial boot sequence to access the loader> prompt.

Example:


Ctrl-C
loader>

Step 3

Plug the USB drive containing the ACI image into the standby supervisor USB slot.

Step 4

Boot the ACI image.

Example:

loader> boot usb#:aci-image-name

Note

 

If you have two USB drives, enter the dir command to see which drive contains the ACI image. Then specify either usb1 or usb2 in the boot command.

Step 5

Log in to the switch as an administrator. 

Login: admin

Step 6

Copy the ACI image from the USB drive to the switch.

Example:

switch# copy usb#:aci-image-name bootflash:aci-image-name

Converting Back to Cisco NX-OS

You can convert a Cisco Nexus 9000 Series switch from ACI boot mode back to Cisco NX-OS.


Note

When converting any switch from ACI to NX-OS (standalone) boot mode, you can delete the ACI image from the bootflash to save space.

SUMMARY STEPS

  1. Reload the switch.
  2. Enter a break sequence (Ctrl-C or Ctrl-]) during the initial boot sequence to access the loader> prompt.
  3. Configure the boot process to stop at the switch(boot)# prompt.
  4. Boot the active supervisor module with the Cisco NX-OS image.
  5. Restores the switch's file system partitioning to the default settings. The bootflash filesystem is reset to Cisco NX-OS partitioning, and the Cisco NX-OS image is deleted.
  6. Completes the upload of the Cisco NX-OS image file.
  7. Recopy the Cisco NX-OS image into the bootflash: and set the appropriate boot variables to ensure that the system boots the Cisco NX-OS image on the next reload.
  8. Wait for the system controllers to come up, which could take approximately 15–20 minutes.
  9. Verify that the active supervisor module and the system controllers are in the active state.
  10. For dual-supervisor systems, follow Steps 3–6 on the standby supervisor.
  11. Log in to the switch and verify that it is running Cisco NX-OS software.

DETAILED STEPS

Step 1

Reload the switch.

Example:

switch# reload

Step 2

Enter a break sequence (Ctrl-C or Ctrl-]) during the initial boot sequence to access the loader> prompt.

Example:

Ctrl-C
loader>

Step 3

Configure the boot process to stop at the switch(boot)# prompt.

Example:

loader> cmdline recoverymode=1

Step 4

Boot the active supervisor module with the Cisco NX-OS image.

Example:

loader> boot nxos.9.2.3.bin

Note

 

If the Cisco NX-OS image that is mentioned in the boot variable is not present in the bootflash, the system falls back to the loader prompt during the boot sequence. To recover the switch from the loader prompt, boot the system through a different image present in the bootflash, perform a tftpboot , or boot through a USB device.

Note

 

For some Cisco NX-OS releases and Cisco Nexus 9000 Series switches, the following error message appears: 

!!Fatal error!!
Can't reserve space for RPM repo
Please free up bootflash space and reboot

If you see this error message, start over from Step 1. After Step 3, enter the cmdline init_system command and then go to Step 4. The switch boots into the normal Cisco NX-OS prompt and skips the switch(boot)# prompt.

Step 5

Restores the switch's file system partitioning to the default settings. The bootflash filesystem is reset to Cisco NX-OS partitioning, and the Cisco NX-OS image is deleted.

Example:

switch(boot)# init system

Step 6

Completes the upload of the Cisco NX-OS image file.

Example:

switch(boot)# load-nxos

Note

 

For some Cisco Nexus 9000 Series switches, the device does not load with the normal Cisco NX-OS prompt (switch#) and instead comes up as "bash-4.2#”. In this case, you must power cycle the device, jump to loader, and boot the NX-OS image using either TFTP or a USB method.

  • For the TFTP method - First assign an IP address and gateway to the device using the set ip ip address subnet mask and the set gw gateway address commands. This is required as the init system command in the above step erases all available configurations on the device

    Example

    loader> set ip 1.1.1.2 255.255.255.255.0
loader>set gw 1.1.1.1

    Then use the tftp command to load the image. 

    loader> boot tftp://<tftp server ip>/<nxos-image-name>

  • For the USB method - Mount the USB on the switch and execute the dir command on the loader to see the contents of the bootflash folder and the USB device.

    Example

    loader > dir
usb1::
lost+found
/nxos.9.x.y.bin

    Then boot the NX-OS image using the following command:

    loader> boot usb1:/nxos-image
Example: boot usb1:/nxos.9.x.y.bin

Once you boot the Cisco NX-OS image, the device loads as a Cisco NX-OS switch and you can continue with the remaining steps.

Step 7

Recopy the Cisco NX-OS image into the bootflash: and set the appropriate boot variables to ensure that the system boots the Cisco NX-OS image on the next reload.

Example:

TFTP example:

switch# copy tftp://tftp-server-ip/nxos-image-name bootflash:
switch# configure terminal
switch(config)# boot nxos bootflash:nxos-image-name
switch(config)# copy running-config startup-config
switch(config)# end

USB example:

switch# copy usb1:nxos-image-name bootflash:
switch# configure terminal
switch(config)# boot nxos bootflash:nxos-image-name
switch(config)# copy running-config startup-config
switch(config)# end

Step 8

Wait for the system controllers to come up, which could take approximately 15–20 minutes.

File system differences between ACI and Cisco NX-OS require one-time reformatting change during the ACI to Cisco NX-OS conversion. Subsequent reloads with the Cisco NX-OS image are faster.

Step 9

Verify that the active supervisor module and the system controllers are in the active state.

Example:

switch# show module

Step 10

For dual-supervisor systems, follow Steps 3–6 on the standby supervisor.

Step 11

Log in to the switch and verify that it is running Cisco NX-OS software.

Using SCP on the ACI Shell to Load NX-OS Image into Bootflash

Use this task if you have a switch in ACI mode and must convert it to NX-OS mode, but are unable to perform a TFTP boot and the USB option is not available. The following steps describe how to boot the switch on ACI mode, configure the management port, and copy the software image to the bootflash partition.

The leaf switch boots into ACI mode in fabric discovery state.

Procedure

Step 1

Log in with the username "admin" and no password. The command prompt appears:

#

Step 2

configure terminal

Example:

# configure terminal
(config)#

Step 3

interface mgmt 0

Example:

(config)# interface mgmt 0
(config-if)#

Step 4

ip address ipv4−address { [ /length ] | [ subnet−mask ] }

Example:

(config-if)# ip address 10.1.1.20/24
(config-if)#

Step 5

no shutdown

Example:

(config-if)# no shutdown
(config-if)#

Step 6

exit

Example:

(config-if)# exit
(config)#

Step 7

vrf context management

Example:

(config)# vrf context management
(config-vrf)#

Step 8

ip route ipv4−address { [ /length ] | [ subnet−mask ] } default-gw-ipv4−address { [ /length ] | [ subnet−mask ] }

Example:

(config-vrf)# ip route 0.0.0.0/0 10.1.1.30/24
(config-vrf)#

Step 9

end

Example:

(config-vrf)# end
#

Step 10

cd /bootflash

Example:

# cd /bootflash
#

Step 11

scp username @ scp-server-ip-address : nxos-image

Example:

# scp user1@10.1.1.25:n9000-dk9.7.0.3.I1.1.bin
#

Step 12

Reload the switch, break into the loader prompt, and follow the steps to load the NX-OS image as shown in the previous Converting Back to Cisco NX-OS the procedure. The newly copied software image appears in the bootflash.

Example

# configure terminal
(config)# interface mgmt 0
(config−if)# ip address 10.1.1.20/24
(config−if)# no shutdown
(config−if)# exit
(config)# vrf context management
(config−vrf)# ip route 0.0.0.0/0 10.1.1.30/24
(config−vrf)#end 
# cd /bootflash
# scp user1@10.1.1.25:n9000-dk9.7.0.3.I1.1.bin