从DNA中心生成并提取RCA文件
简介
本文档介绍如何从Cisco DNA Center创建并提取根本原因分析(RCA)文件。
背景信息
您必须具有Cisco DNA Center的CLI访问权限。要使用CLI登录Cisco DNA Center,您必须通过安全套接字外壳(SSH)连接到Cisco DNA Center的管理IP地址,并使用maglev作为端口2222上的用户名。
请注意2.3.2.x中添加的限制外壳功能,该功能在禁用之前不允许运行许多命令。要在2.3.2.x或2.3.3.x中临时禁用受限外壳,请参阅本文档。在2.3.4.0及更高版本中,无法禁用受限制的外壳。
在单节点群集中生成RCA文件
在单节点群集中生成RCA文件步骤1:登录端口2222上的Cisco DNA Center CLI。使用maglev作为用户名,除非在初始设置时修改了用户名。然后运行rca命令。
[Tue Sep 11 15:08:48 UTC] maglev@10.1.1.1 (maglev-master-1) ~ $ sudo rca [sudo] password for maglev: =============================================================== Verifying ssh/sudo access =============================================================== Done =============================================================== Verifying administration access =============================================================== [administration] password for 'admin': <type your admin password> User 'admin' logged into 'kong-frontend.maglev-system.svc.cluster.local' successfully =============================================================== RCA package created on Tue Sep 11 15:32:47 UTC 2018 =============================================================== 2018-09-11 15:32:47 | INFO | Generating log for 'date'... tar: Removing leading `/' from member names /etc/cron.d/ /etc/cron.d/clean-journal-files <snip> /data/rca/maglev-x.x.x.x-rca-2018-09-11_15-32-40_UTC/docker_inspect_k8s_platform-ui_platform-ui-2963217120-rxv5d_maglev-system_1a09eb87-9f00-11e8-9d42-005d73c0c790_0.log /data/rca/maglev-x.x.x.x-rca-2018-09-11_15-32-40_UTC/sudo_ethtool_calife1d52fff20.log 2018-09-11 15:43:14 | INFO | Cleaning up RCA temp files... Created RCA package: /data/rca/maglev-x.x.x.x-rca-2018-09-11_15-32-40_UTC.tar.gz [Tue Sep 11 15:43:14 UTC] maglev@10.1.1.1 (maglev-master-1) ~在更新的Cisco DNA Center版本(2.3.4.x及更高版本)中,您能够执行$ rca copy。
$ rca --help
Help:
rca - root cause analysis collection utilities
Usage: rca [COMMAND] [ARGS]...
Commands:
clear - clear RCA files
copy - copy rca files to specified location
exec - collect RCA
view - restricted filesystem view在N节点群集中生成RCA文件
在N节点群集中生成RCA文件如果您拥有一个包含3个节点的集群,并且在任何设备上运行rca命令,Cisco DNA Center会提示您输入集群IP地址。在提示符处,输入要从中检索RCA的节点的集群间IP地址。
在本示例中,集群间IP地址在10.1.1.0/29范围内。
[Wed May 30 18:24:26 UTC] maglev@10.1.1.2 (maglev-master-10) ~ $ rca =============================================================== Verifying ssh/sudo access =============================================================== Done =============================================================== Verifying administration access =============================================================== Cluster: 10.1.1.3 [administration] username for 'https://10.1.1.3:443': admin [administration] password for 'admin': <type your admin password> User 'admin' logged into '10.1.1.3' successfully =============================================================== RCA package created on Wed May 30 18:24:44 UTC 2018 =============================================================== 2018-05-30 18:24:44 | INFO | Generating log for 'date'... tar: Removing leading `/' from member names /etc/cron.d/ /etc/cron.d/run-remedyctl运行rca 命令后,您指定的集群间IP地址将缓存到/home/maglev/.maglevconf中。下次运行rca命令时,Cisco DNA Center将使用同一节点来获取RCA信息。
[Wed May 30 18:23:37 UTC] maglev@10.1.1.2 (maglev-master-10) ~ $ rca [sudo] password for maglev: =============================================================== Verifying ssh/sudo access =============================================================== Done =============================================================== Verifying administration access =============================================================== [administration] password for 'admin': <type the admin password> User 'admin' logged into '10.1.1.3' successfully <-- it automatically logged into the cluster previously defined as the inter-cluster IP address =============================================================== RCA package created on Wed May 30 18:23:46 UTC 2018 =============================================================== 2018-05-30 18:23:46 | INFO | Generating log for 'date'... tar: Removing leading `/' from member names /etc/cron.d/ … rca continued…如果您需要在其他节点上运行rca命令,您必须删除在Cisco DNA Center中配置的上下文,则会要求您选择新的集群间IP地址,并且您可以定义另一个节点的IP地址。
[Wed May 30 18:24:10 UTC] maglev@10.1.1.2 (maglev-master-10) ~ $ sudo maglev context delete maglev-1 Removed command line context 'maglev-1' [Wed May 30 18:24:18 UTC] maglev@10.1.1.2 (maglev-master-10) ~ $ more /home/maglev/.maglevconf ;--------------------------------------------------------------------- ; Modified by Maglev: Wed, 30 May 2018 18:24:18 UTC ; maglev 73529 ;--------------------------------------------------------------------- [global] [Wed May 30 18:24:26 UTC] maglev@10.1.1.2 (maglev-master-10) ~ $ rca =============================================================== Verifying ssh/sudo access =============================================================== Done =============================================================== Verifying administration access =============================================================== Cluster: 10.1.1.2 <-- now it asks for the new cluster IP address [administration] username for 'https://10.1.1.2:443': admin [administration] password for 'admin': <type your admin password> User 'admin' logged into '10.1.1.2' successfully =============================================================== RCA package created on Wed May 30 18:24:44 UTC 2018 =============================================================== 2018-05-30 18:24:44 | INFO | Generating log for 'date'... tar: Removing leading `/' from member names /etc/cron.d/ /etc/cron.d/run-remedyctl在Windows计算机上提取RCA文件
在Windows计算机上提取RCA文件步骤1:下载WinSCP或您常用的SCP客户端。
第二步:使用CLI凭证登录到Cisco DNA Center,选择SCP作为文件协议,并选择端口号2222。
第三步:导航到/data/rca文件夹。
第四步:将RCA文件复制到本地计算机。
在Mac或Linux计算机上提取RCA文件
在Mac或Linux计算机上提取RCA文件步骤1:打开终端会话,然后执行以下步骤,将目录中Cisco DNA Center设备上存储的名为maglev-10.1.1.4-rca-2018-09-11_15-32-40_UTC.tar.gz/data/rca的RCA文件复制到计算机上的当前工作目录。
ALECARRA-M-P1Z8:~ alecarra$ scp -P 2222 maglev@mxc-dnac4.cisco.com:/data/rca/maglev-10.1.1.4-rca-2018-09-11_15-32-40_UTC.tar.gz ./ Welcome to the Maglev Appliance maglev@mxc-dnac4.cisco.com's password: <type your maglev password> maglev-10.1.1.4-rca-2018-09-11_15-32-40_UTC.tar.gz 100% 335MB 3.3MB/s 01:41 ALECARRA-M-P1Z8:~ alecarra$ 将RCA文件推送到Mac或Linux计算机
将RCA文件推送到Mac或Linux计算机从Cisco DNA Center设备的CLI,使用以下语法:
$ scp /data/rca/<RCA file name> <Mac/Linux username>@<Mac/Linux IP address>:<path to save the file>以下为实验中所用命令的示例:
$ scp /data/rca/maglev-10.1.1.4-rca-2018-09-11_15-32-40_UTC.tar.gz alecarra@10.24.133.238:/Users/alecarra/Documents/DNA The authenticity of host '10.24.133.238 (10.24.133.238)' can't be established. ECDSA key fingerprint is SHA256:u660kUomvMParNkcPIm7oXrDp84rilP5CM9wCWCFOAE. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.24.133.238' (ECDSA) to the list of known hosts. Password: <type your Linux or Mac user password> maglev-10.1.1.4-rca-2018-09-11_15-32-40_UTC.tar.gz 100% 335MB 3.7MB/s 01:32 将RCA文件上传到TAC服务请求
将RCA文件上传到TAC服务请求您可以使用案例文件上传工具通过浏览器将RCA文件上传到您计算机上存在的TAC服务请求(SR)。根据需要指定案例编号。
将RCA文件推送到TAC SR
将RCA文件推送到TAC SR有两个选项可以将文件(例如RCA)直接从Cisco DNA Center设备上传到TAC服务请求)。在这两个选项中,用户名是SR编号,密码是每个SR唯一的标记。用户名/密码始终显示在服务请求开始时的注释中,也可以从SCM中检索。有关令牌的详细信息,请参阅向Cisco技术支持中心上传客户文件。
SR的输出示例:
Subject: 688046089: CXD Upload Credentials
You can now upload files to the case using FTP/FTPS/SCP/SFTP/HTTPS protocols and the following details:
Hostname: cxd.cisco.com
Username: 688046089
Password: gX***********P7第 1 项.通过HTTPS上传文件(最快选项和使用端口443)
第 1 项.通过HTTPS上传文件(最快选项和使用端口443)步骤1:测试您是否具有从Cisco DNA Center设备到cxd.cisco.com通过端口443的连接。以下是执行测试的一种方式:
$ nc -zv cxd.cisco.com 443
Connection to cxd.cisco.com 443 port [tcp/https] succeeded!
$第二步:如果测试成功,请使用此命令通过HTTPS上传文件:
$ curl -T “<filename with path>” -u <SR number> https://cxd.cisco.com/home/ (如果要查看上传的更详细视图,请添加-v选项。例如,“curl -vT …”。)
例如:
$ curl -T "./test.txt" -u 688046089 https://cxd.cisco.com/home/
Enter host password for user '688046089': <Type your CXD Upload password, unique to a Service Request, here>
[Tue Dec 10 13:35:47 UTC] maglev@10.1.1.1(maglev-master-1) ~
$受限外壳
受限外壳由于受限制的外壳阻止使用CURL,因此我们采用rca copy(利用scp)来启用到cxd.cisco.com的安全文件传输。
$ rca copy --files maglev-10.1.1.233-rca-2024-03-06_14-07-36_UTC.tar.gz 6969XXXXX@cxd.cisco.com:/
FIPS mode initialized
Warning: Permanently added the ECDSA host key for IP address '10.209.135.105' to the list of known hosts.
6969XXXXX6@cxd.cisco.com's password:
maglev-10.1.1.233-rca-2024-03-06_14-07-36_UTC.tar.gz第 2 项.通过SCP上传文件(使用端口22)
第 2 项.通过SCP上传文件(使用端口22)步骤1:测试您是否具有从Cisco DNA Center设备到cxd.cisco.com通过端口22的连接。以下是执行测试的一种方式:
$ nc -zv cxd.cisco.com 22
Connection to cxd.cisco.com 22 port [tcp/ssh] succeeded!
$第二步:如果测试成功,请使用此命令通过SCP上传文件:
$ scp <local filename with path> <SR number>@cxd.cisco.com:例如:
$ scp ./test.txt 688046089@cxd.cisco.com:
The authenticity of host 'cxd.cisco.com (X.X.X.X)' can't be established.
RSA key fingerprint is SHA256:3c8Vi3Ms2AITZlNzkBccR1pvE5ie9oMs64Uh0uhRado.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'cxd.cisco.com,X.X.X.X' (RSA) to the list of known hosts.
688046089@cxd.cisco.com's password: <Type your CXD Upload password, unique to a service request, here>
test.txt 100% 39 0.0KB/s 00:00
[Tue Dec 10 13:44:27 UTC] maglev@10.1.1.1 (maglev-master-1) ~
$ 修订历史记录
| 版本 | 发布日期 | 备注 |
|---|---|---|
3.0 |
21-Jun-2024 |
已更新简介部分、已更正的链接、已更正的链接以打开新页面、已审阅用户评论并扫描PII。 |
2.0 |
17-Feb-2022 |
已更正产品名称问题。 |
1.0 |
13-Aug-2021 |
初始版本 |
反馈