Cisco Nexus 1000V System Management Configuration Guide, Release 4.2(1)SV2(1.1)
Configuring VSM Backup and Recovery
Downloads: This chapterpdf (PDF - 3.7MB) The complete bookPDF (PDF - 6.72MB) | The complete bookePub (ePub - 2.87MB) | The complete bookMobi (Mobi - 5.19MB) | Feedback

Configuring VSM Backup and Recovery

Configuring VSM Backup and Recovery

This chapter contains the following sections:

Information About VSM Backup and Recovery

You can use the VSM backup and recovery procedure to create a template from which the VSMs can be re-created in the event that both VSMs fail in a high availability (HA) environment.


Note


We recommend that you do periodic backups after the initial backup to ensure that you have the most current configuration. See the Performing a Periodic Backup section for more information.


Guidelines and Limitations

VSM backup and recovery has the following configuration guidelines and limitations:

  • Backing up the VSM VM is a onetime task.
  • Backing up the VSM VM requires coordination between the network administrator and the server administrator.
  • These procedures are not for upgrades and downgrades.
  • These procedures require that the restoration is done on the VSM with the same release as the one from which the backup was made.
  • Configuration files do not have enough information to re-create a VSM.

Configuring VSM Backup and Recovery

This section includes the following topics:

  • Performing a Backup of the VSM
  • Performing a Periodic Backup
  • Recovering the VSM

Note


Be aware that Cisco NX-OS commands might differ from the Cisco IOS commands.


Backing Up the VSM

This section includes the following topics:

  • Performing a Backup of the VSM
  • Performing a Periodic Backup

Performing a Backup of the VSM VM

This section describes how to create a backup of the VSM.

Before You Begin

Before beginning this procedure, you must know or do the following:

  • If the VSM is on a Virtual Ethernet Module (VEM) host, you must configure the management VLAN as a system VLAN.
  • Enter the copy running-config startup-config command at the VSM before beginning this procedure.
  • This procedure is required when there is a Certificate change, Extension key change, after an upgrade to a new release, and installation of the license.
Procedure
    Step 1   Open the vSphere Client.
    The vSphere Client window opens as displayed in the following illustration.
    Figure 1. vSphere Client Window



    Step 2   In the left navigation pane, right-click the standby VSM. A drop-down list is displayed.
    Step 3   Choose Power > Power Off.
    The action is displayed in the Clone to Template Window.
    Figure 2. Clone to Template Window



    Step 4   In the left navigation pane, right-click the standby VSM.

    A drop-down list is displayed.

    Step 5   Choose Template > Clone to Template.
    The Clone Virtual Machine to Template window opens.
    Figure 3. Clone Virtual Machine to Template Window



    Step 6   In the Template Name field, enter a name.
    Step 7   In the Template Inventory Location pane, choose a location for the template.
    Step 8   Click Next.
    The Choosing the Host Window opens.
    Figure 4. Host Window



    Step 9   Choose the host on which the template will be stored.
    Step 10   Click Next.
    The Choosing a Datastore window opens.
    Figure 5. Choosing a Datastore Window



    Step 11   In the Select a format in which to store the virtual machine’s virtual disks drop-down list, choose Same format as source.
    Step 12   Choose a datastore.
    Step 13   Click Next.
    The Confirming the Settings window opens.
    Figure 6. Confirming the Settings Window



    Step 14   Confirm the settings for the new virtual machine and click Finish.

    The backup template is created and appears under the Virtual Machines tab.

    Step 15   The Template Virtual Machine window opens.
    The template creation is complete.
    Figure 7. Template Virtual Machine Window




    Performing a Periodic Backup

    This section describes how to back up the active VSM after the initial backup of the standby VSM has been performed.

    Before You Begin

    The following lists some instances when you should run this procedure:

    • You have performed an upgrade.
    • You have made a significant change to the configuration.
    Procedure
    Enter the command copy running-config scp://root@10.78.19.15/tftpboot/config/ to back up the VSM.

    Example:
    switch# copy running-config scp://root@10.78.19.15/tftpboot/config/
    Enter destination filename: [switch-running-config]
    Enter vrf (If no input, current vrf 'default' is considered):
    The authenticity of host '10.78.19.15 (10.78.19.15)' can't be established.
    RSA key fingerprint is 29:bc:4c:26:e3:6f:53:91:d4:b9:fe:d8:68:4a:b4:a3.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '10.78.19.15' (RSA) to the list of known hosts.
    root@10.78.19.15's password:
    switch-running-config 100% 6090 6.0KB/s 00:00
    switch#

    Recovering the VSM

    This section describes how to deploy a VSM by using the backup template. This section includes the following topics:

    • Deploying the Backup VSM VM
    • Erasing the Old Configuration
    • Restoring the Backup Configuration on the VSM

    Deploying the Backup VSM VM

    This section describes how to deploy the backup VSM VM when the primary and secondary VSMs are not present.


    Note


    While deploying the VSM VM, do not power it on.


    Procedure
      Step 1   Open the vSphere Client.

      The vSphere Client window opens.

      Step 2   In the left navigation pane, choose the host of the standby VSM.
      Step 3   Click the Virtual Machines tab.
      Step 4   Right-click the template_VSM.
      Step 5   Choose Deploy Virtual Machine from this Template.

      The Deploy Template Wizard window opens.

      Figure 8. Deploy Template Wizard Window



      Step 6   In the Name field, enter a name for the VSM.
      Step 7   In the Inventory Location pane, choose a cluster.
      Step 8   Click Next.
      The Choosing a Host Window opens.
      Figure 9. Choosing a Host Window



      Step 9   Choose a host.
      Step 10  


      Example:Click Next.

      The Choosing a Datastore window opens.

      Figure 10. Choosing a Datastore Window



      Step 11   In the Select a format in which to store the virtual machine’s virtual disks drop-down list, choose Same format as source.
      Step 12   Choose a datastore
      Step 13   Click Next.

      The Guest Customization window opens. Make sure that the Power on this virtual machine after creation check box is not checked.

      Figure 11. Guest Customization Window



      Step 14   Click Next.

      The Deploy Template - Ready to Complete window opens.

      Figure 12. Guest Customization Window



      Step 15   Confirm the settings for the new virtual machine and click Finish. If the management VLAN is not available on the VEM, you must add the management interface to the vSwitch.
      Step 16   Right-click the newly deployed VM.
      Step 17   Choose Edit Settings.

      The Virtual Machine Properties window opens.

      Figure 13. Guest Customization Window



      Step 18   In the Hardware / Summary pane, choose Network adapter 1.
      Step 19   Uncheck the Connect at power on check box.
      Step 20   Choose Network adapter 2.
      Step 21   In the Device Status area, uncheck the Connect at power on check box.
      Step 22   Click OK.

      The Power On window opens.

      Figure 14. Guest Customization Window



      Step 23   Right-click the newly deployed VSM.

      A drop-down list appears.

      Step 24   Choose Power > Power On.

      Deploying the backup VSM VM is complete.


      Erasing the Old Configuration

      This section describes how to erase the startup configuration of the newly deployed VSM.

      Procedure
        Step 1   Launch the virtual machine console of the newly deployed VSM.
        Step 2   Set the redundancy role to primary by entering the following command:

        Example:
        switch# system redundancy role primary 
        Setting will be activated on next reload
        switch#
        Step 3   Copy the running configuration to the startup configuration by entering the following command:

        Example:
        switch# copy running-config startup-config
        scp:        sftp:           startup-config
        [####################################] 100%
        switch#
        Step 4   Erase the startup configuration by entering the following command:

        Example:
        switch# write erase
        Warning: The command will erase the startup-configurations.
        Do you wish to proceed anyway? (y/n) [n] y
        Step 5   Reboot the primary and secondary VSMs by entering the following command:

        Example:
        switch# reload 
        This command will reboot the system. (y/n)? [n] y

        Restoring the Backup Configuration on the VSM

        This section describes how to restore the backup configuration on the VSM.

        Procedure
          Step 1   When the VSM reboots, the System Admin Account Setup window opens.
          Figure 15. System Admin Account Setup Window



          Step 2   Enter and confirm the Administrator password.

          Example:
          ---- System Admin Account Setup ----
          Enter the password for "admin": 
          Confirm the password for "admin":
          Step 3   Enter the domain ID.

          Example:
          Enter the domain id<1-4095>: 50
          Step 4   Enter the HA role. If you do not specify a role, standalone is assigned by default.

          Example:
          Enter HA role[standalone/primary/secondary]: primary
          
          [#########################################] 100%
          
                   ---- Basic System Configuration Dialog ----
          
          This setup utility will guide you through the basic configuration of
          the system. Setup configures only enough connectivity for management
          of the system.
          
          Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
          to skip the remaining dialogs.
          Step 5   Enter yes when you are prompted to enter the basic configuration dialog.

          Example:
          Would you like to enter the basic configuration dialog (yes/no): yes
          Step 6   Enter no when asked to create another Login account.

          Example:
          Create another login account (yes/no) [n]: no
          Step 7   Enter no when asked to configure a read-only SNMP community string.

          Example:
          Configure read-only SNMP community string (yes/no) [n]: no
          Step 8   Enter no when asked to configure a read-write SNMP community string.

          Example:
          Configure read-write SNMP community string (yes/no) [n]: no
          Step 9   Enter a name for the switch.

          Example:
          Enter the switch name:
          Step 10   Enter yes, when asked to configure out-of-band management and then enter the mgmt0 IPv4 address and subnet mask.

          Example:
          Continue with Out-of-band (mgmt0) management configuration? [yes/no] [y]: yes
          Mgmt0 IPv4 address: 172.28.15.152
          Mgmt0 IPv4 netmask: 255.255.255.0
          Step 11   Enter no when asked to configure the default gateway.

          Example:
          Configure the default-gateway: (yes/no) [y]: no 
          
              IPv4 address of the default gateway : 172.23.233.1
          Step 12   Enter yes when asked to enable the Telnet service.

          Example:
          Enable the telnet service? (yes/no) [y]: yes
          Step 13   Enter yes when asked to enable the SSH service, and then enter the key type and number of key bits. For more information, see the Cisco Nexus 1000V Security Configuration Guide.

          Example:
          Enable the ssh service? (yes/no) [y]: yes
          Type of ssh key you would like to generate (dsa/rsa) : rsa
          Number of key bits <768-2048> : 1024
          Step 14   Enter yes when asked to enable the HTTP server.

          Example:
          Enable the http-server? (yes/no) yes
          Step 15   Enter no when asked to configure the NTP server

          Example:
          Configure NTP server? (yes/no) [n]: no
          Step 16   Enter no when asked to configure the VEM feature level.

          Example:
          Vem feature level will be set to 4.2(1)SV1(4a). 
          Do you want to reconfigure? (yes/no) [n] no

          The system now summarizes the complete configuration and prompts you to edit it.



          Example:
          The following configuration will be applied:
           interface Mgmt0
          ip address 172.28.15.152 255.255.255.0
          no shutdown
          vrf context management
          ip route 0.0.0.0/0 10.78.111.11
            no telnet server enable
            ssh key rsa 1024 force
            ssh server enable
            feature http-server
            svs-domain
              svs mode L2
              control vlan 1
              packet vlan 1
              domain id 1
          Step 17   Enter no when asked if you would like to edit the configuration.

          Example:
          Would you like to edit the configuration? (yes/no) [n]: no
          
          Enter SVS Control mode (L2 / L3) : L2
          Enter control vlan <1-3967, 4048-4093> : 100
          Enter packet vlan <1-3967, 4048-4093> : 101
          Step 18   Enter yes when asked to use and save this configuration.

          Example:
          Use this configuration and save it? (yes/no) [y]: yes
          [########################################] 100%
          

          If you do not save the configuration now, then none of your changes are part of the configuration the next time the switch is rebooted. Enter yes to save the new configuration. This ensures that the kickstart and system images are also automatically configured.

          Step 19   In the vSphere Client, right-click the VSM and choose Edit Settings.

          The VSM Virtual Machine Properties window opens.

          Figure 16. VSM Virtual Machine Properties Window



          Step 20   In the Hardware/Summary pane, choose Network adapter 2.
          Step 21   Check the Connect at power on check box.
          Step 22   Log in to the VSM.
          Step 23   Copy the backup configuration to the VSM bootflash by entering the following command:

          Example:
          switch# copy scp://root@10.78.19.15/tftpboot/backup/VSM-Backup-running-config
          bootflash:
          Enter vrf (If no input, current vrf 'default' is considered):
          The authenticity of host '10.78.19.15 (10.78.19.15)' can't be established.
          RSA key fingerprint is 29:bc:4c:26:e3:6f:53:91:d4:b9:fe:d8:68:4a:b4:a3.
          Are you sure you want to continue connecting (yes/no)? yes
          Warning: Permanently added '10.78.19.15' (RSA) to the list of known hosts.
          root@10.78.19.15's password:
          switch-running-config 100%
          6090 6.0KB/s 00:00
          switch# 
          
          Step 24   Copy the backup configuration to the running configuration by entering the following command:

          Example:
          switch# copy bootflash:VSM-Backup-running-config running-config
          Disabling ssh: as its enabled right now:
          Can't disable ssh for key generation:Current user is logged in through ssh
          Please do a "copy running startup" to ensure the new setting takes effect
          on next reboot
          LACP Offload Status can be verified using "show lacp offload status"
          Change in LACP Offload Status takes effect only on the next VSM Reboot
          This can potentially cause modules with LACP uplinks to flap
          Syntax error while parsing 'limit-resource m4route-mem minimum 58 maximum 58'
          Syntax error while parsing 'limit-resource m6route-mem minimum 8 maximum 8'
          Syntax error while parsing 'interface Ethernet3/2'
          Syntax error while parsing 'inherit port-profile uplink-cdp'
          Warning: Config saved but not pushed to vCenter Server due to inactive connection!
          Warning: Config saved but not pushed to vCenter Server due to inactive connection!
          Warning: Config saved but not pushed to vCenter Server due to inactive connection!
          Warning: Config saved but not pushed to vCenter Server due to inactive connection!
          command failed. Invalid ip address.
          Syntax error while parsing 'log-level '
          Syntax error while parsing 'no ip dhcp relay'
          switch

          The Virtual Machine Properties window displays.

          Figure 17. Virtual Machine Properties Window



          Step 25   In the Hardware / Summary pane, choose Network adapter 1.
          Step 26   In the Device Status area, check the Connect at power on check box.
          Step 27   Confirm that the VEMs are attached to the VSM by entering the following command:

          Example:
          switch# show module
          
          Mod Ports Module-Type Model Status
          --- ----- -------------------------------- ------------------ ------------
          1 0 Virtual Supervisor Module Nexus1000V active *
          3 248 Virtual Ethernet Module NA ok
          Mod Sw Hw
          --- ---------------- ------------------------------------------------
          1 4.2(1)SV1(4a) 0.0
          3 4.2(1)SV1(4a) VMware ESXi 4.0.0 Releasebuild-261974 (1.20)
          Mod MAC-Address(es) Serial-Num
          --- -------------------------------------- ----------
          1 00-19-07-6c-5a-a8 to 00-19-07-6c-62-a8 NA
          3 02-00-0c-00-03-00 to 02-00-0c-00-03-80 NA
          Mod Server-IP Server-UUID Server-Name
          --- --------------- ------------------------------------ --------------------
          1 10.78.111.20 NA NA
          3 10.78.111.186 0e973f80-e804-11de-956e-4bc311a28ede VEM-186-KLU2
          * this terminal session
          switch#
          Step 28   Copy the backup configuration to the running configuration by entering the following command:

          Example:
          switch# switch# copy bootflash:VSM-Backup-running-config running-config
          Disabling ssh: as its enabled right now:
          Can't disable ssh for key generation:Current user is logged in through ssh
          2011 Apr 26 12:21:22 switch %KERN-3-SYSTEM_MSG: redun_platform_ioctl :
          Entered - kernel
          2011 Apr 26 12:21:22 switch %KERN-3-SYSTEM_MSG: redun_platform_ioctl : Host
          name is set switch - kernel
          2011 Apr 26 12:21:22 switch %KERN-3-SYSTEM_MSG: redun_platform_ioctl :
          Entered - kernel
          2011 Apr 26 12:21:22 switch %KERN-3-SYSTEM_MSG: redun_platform_ioctl : Host
          name is set switch - kernel
          ERROR: Flow Record: Record is in use. Remove from all clients before modifying.
          ERROR: Flow Record: Record is in use. Remove from all clients before modifying.
          ERROR: Flow Record: Record is in use. Remove from all clients before modifying.
          Please do a "copy running startup" to ensure the new setting takes effect
          on next reboot
          LACP Offload Status can be verified using "show lacp offload status"
          Change in LACP Offload Status takes effect only on the next VSM Reboot
          This can potentially cause modules with LACP uplinks to flap
          2011 Apr 26 12:21:23 switch %VMS-5-DVS_NAME_CHANGE: Changed dvswitch
          name to 'switch' on the vCenter Server.
          Syntax error while parsing 'limit-resource m4route-mem minimum 58 maximum 58'
          Syntax error while parsing 'limit-resource m6route-mem minimum 8 maximum 8'
          ERROR: Port-channel interface has non-zero members!
          2011 Apr 26 12:21:34 switch %MSP-5-DOMAIN_CFG_SYNC_DONE: Domain config
          successfully pushed to the management server.
          ERROR: Cannot change connection configuration in 'Enabled' state.
          ERROR: Cannot change connection configuration in 'Enabled' state.
          ERROR: Cannot change the data-center name in connected state.
          command failed. Invalid ip address.
          Syntax error while parsing 'log-level '
          Syntax error while parsing 'no ip dhcp relay'
          switch# 2011 Apr 26 12:21:35 switch last message repeated 3 times
          2011 Apr 26 12:21:35 switch %ETHPORT-5-SPEED: Interface port-channel1,
          operational speed changed to 1 Gbps
          2011 Apr 26 12:21:35 switch %ETHPORT-5-IF_DUPLEX: Interface port-channel1,
          operational duplex mode changed to Full
          2011 Apr 26 12:21:35 switch %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface portchannel1,
          operational Receive Flow Control state changed to on
          2011 Apr 26 12:21:35 switch %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface portchannel1,
          operational Transmit Flow Control state changed to on
          VSM backup and Recovery Procedure EDCS-1017832Cisco Systems Pvt Ltd Internal Document April-27-2011
          2011 Apr 26 12:21:35 switch %ETH_PORT_CHANNEL-5-PORT_UP: port-channel1:
          Ethernet3/2 is up
          2011 Apr 26 12:21:35 switch %ETH_PORT_CHANNEL-5-FOP_CHANGED: portchannel1:
          first operational port changed from none to Ethernet3/2
          2011 Apr 26 12:21:35 switch %ETHPORT-5-IF_UP: Interface Ethernet3/2 is up in
          mode trunk
          2011 Apr 26 12:21:35 switch %ETHPORT-5-IF_UP: Interface port-channel1 is up in
          mode trunk
          switch#
          

          This step is necessary if features are configured directly through the interface configuration mode for Ethernet interfaces and for features like ERSPAN/NFM.

          Step 29   Copy the running-configuration to the startup-configuration by entering the following command:

          Example:
          switch# copy running-config startup-config
          [########################################] 100%
          switch#
          Step 30   Create the standby VSM by using the OVA/OVF files to form an HA pair.
          See the “Installing the Software from an OVA or OVF Image” section in the Cisco Nexus 1000V Installation and Upgrade Guide.
          • For release 4.2(1)SV1(4) and later releases, deploy the OVF template from the VMware vSphere Client and choose Nexus 1000V Secondary from the Configuration drop-down list.
          • For release 4.0(4)SV1(2) through release 4.0(4)SV1(3d), choose Manual Install of Nexus 1000V from the Configuration drop-down list and assign the HA role of secondary in the System Admin Setup of the VSM.
          The recovery is complete.

          Feature History for VSM Backup and Recovery

          This section provides the VSM backup and Recovery feature release history.

          Feature Name

          Releases

          Feature Information

          VSM Backup and Recovery

          4.2(1)SV1(4a)

          This feature was introduced.