分類: Cisco

[Cisco] UCSM / FI6248UP ‘code F0909 , default Keyring’s certificate is invalid, reason: expired’

慵懶老K發表留言

在維護已久的UCSM (FI6xxx) series總是容易見著這樣的錯誤訊息。不去理會其它不會對維運設備造成太大影響,只是偶而客戶問及總不希望有個錯誤訊息掛載在那兒。
ucs-error.jpg

Resolution :

step01. SSH login UCSM

step02. # scope security

step03. /security# scope keyring default

step04./security/keyring# set regenerate yes

step05./security/keyring* commit-buffer // 套用立即生效

等待幾分鐘這個錯誤訊息即會消失..^O^

 

Rerfernce :

  1. vStrong.info – HOW TO: Regenerate expired UCS Manager certificate
  2. virtualbuildingblocks.com – Regenerate Expired Cisco UCS Certificate
  3. vnotions – Fix: Cisco UCSM – Default Keyring’s certificate is invalid

[Cisco] How to login LDAP / AD enviroment UCSM ?

慵懶老K發表留言
  • Putty
    Login as: ucs-<domain-name>\<username>
  • From Linux / MAC machine
    ssh ucs-<domain-name>\\<username>@<UCSM-IP-Address>
    ssh -l ucs-<domain-name>\\<username> <UCSM-IP-address>
    ssh <UCSM-IP-address> -l ucs-<domain-name>\\<username>

它能夠登入重點在於前面一定要帶 " ucs- " 才能登入就對了。

Reference : UCSM LDAP Troubleshooting guide

[Network] Cisco C2960G-48TC-L IOS upgrade procedure

慵懶老K發表留言

step01. check current version
# shoe version 或 show boot

step02. check file use state
# shoe flash: 或 dir flash:

step03. temporary Switch IP
> enable
#configure terminal
#interface vlan 1
#ip address 192.168.1.100 255.255.255.0
#no shutdown

step04. client ping switch IP is OK
> ping 192.168.1.100

step05. double check file system free space enough , if not , please delete current IOS
<僅CLI就更新.bin>
# delete c2960-lanbasek9-mz.122-58.SE2.bin
# copy tftp: flash:
<含GUI方式需用.tar更新>
# archive tar /xtract tftp://x.x.x.x/c2960-lanbasek9-tar.122-55.SE12.tar flash:

step06.
# verify flash:c2960-lanbasek9-mz.122-58.SE2.bin

step07 setup next boot IOS
#configure terminal
# boot system flash:c2950-i6k2l2q4-mz.121-22.EA13.bin
or
# boot system flash:/c2960-lanbasek9-tar.122-55.SE12/c2960-lanbasek9-tar.122-55.SE12.bin

step08. save
# write memory 或 copy running-config startup-config

step09. reboot
# reload

step10. final check version
# show version 或 show boot

Reference:
1.CCIE or Null! – Using the CLI to install and IOS in .tar format.
2.CiscoZine – How to upgrade a Cisco stack
3.Original Cisco Factory upgrade website
4.51CTO博客 – 一次不成功的思科2960S交换机的IOS升级

[Server] Cisco UCS C-series use ‘Direct Connect Mode’ , don’t need FEX

慵懶老K發表留言

自UCS 2.2開始支援C-series (Rack-Server) 可以直連Nexus FI6xxx ,無需透過Nexus 2K series Fabric Extenders (FEX)

(注意事項)
1. C200, C210, and C250 do not support Direct Connect.
2. A maximum of 120 virtual interfaces (但透過FEX原是可以到256 virtual interfaces)
3. UCSM need 2.2 and above
4. following supported Cisco UCS C-Series servers and corresponding CIMC release versions listed in the following table
5. VIC adapters must be installed in the correct slot
6. FI ports must be configured as “server" ports
7. At least one 10-Gb SFP cable for each card. You cannot connect the card to the same FI from both the ports

(Before You Begin)
1. FI ports are configured as “server" ports
2. Cisco UCS VIC 1225 or Cisco VIC 1227 is installed in the correct slot
3. Do not mix SFP types on an uplink with FI

(Topology)
UCS-C-series-direct-mode.jpg

 

 

Reference : Cisco – Cisco UCS C-Series Server Integration with Cisco UCS Manager 2.2

[Cisco] UCS use CLI collect CIMC Log

慵懶老K發表留言

# scope cimc

# scope tech-support

tech-support> set remote-protocol tftp // 決要要上傳什麼協定 tftp / scp / ftp ..
tech-support> set remote-ip 192.168.1.1
tech-support> set remote-path UCS.tar.gz
tech-support> set remote-username user  // 若是ftp / scp 需帳號
tech-support> set remote-password userpass // 若是ftp / scp 需密碼

tech-support> commit // 套用生效

tech-support> start // 開始收集

tech-support> show // 觀察