Upgrading Cisco DCNM-SAN
This section includes the following topics:
Upgrading Fabric Manager in Cisco SAN-OS Releases Prior to 3.1(2b)
When you install Cisco Fabric Manager 3.2(1), data is migrated from the Hypersonic HSQL database to either the PostgreSQL database or Oracle Database 10g Express during the installation. To install the PostgreSQL database on Windows, click the FM Installer link on the CD. To install Oracle Database 10g Express, follow the instructions in the “Installing Oracle” section.
Note If you are upgrading a previous installation of DCNM-SAN Server, be sure the previous installation of the database is running. Do not uninstall the previous version. If the previous version is uninstalled, the database will not be migrated and your server settings will not be preserved. After you ensure that the previous installation is running, follow the steps listed in the “Installing the Management Software” section. Before beginning the upgrade, you must close DCNM-SAN, Device Manager, and DCNM-LAN. For more information on DCNM-LAN, see Upgrading Cisco DCNM-LAN Servers.
Upgrading Fabric Manager in Cisco SAN-OS Releases 3.1(2b) and Later to 3.2(1)
When you install Cisco SAN-OS 3.2(1), data is migrated from the Hypersonic HSQL database to either the PostgreSQL database or Oracle Database 10g Express during the installation. Data is also migrated from Oracle to Oracle.
Note If you migrate the database from Oracle to Oracle, the schema is updated as required by Cisco SAN-OS 3.2(1).
To install the PostgreSQL database on Windows, click the FM Installer link on the CD. To install Oracle Database 10g Express, follow the instructions in the “Installing Oracle” section.
Upgrading the Management Software
If you log into a switch running Cisco MDS SAN-OS with Device Manager and that switch has a later version of the management software, you are prompted to install the later version. To upgrade the Cisco MDS DCNM-SAN software, follow the instructions described in the “Upgrading Cisco DCNM-SAN” section. You can also upgrade Device Manager at any time by entering the IP address or host name of the supervisor module with the later version of software in the Address field of your browser. You will need a new CD to upgrade DCNM-SAN.
Note As of Cisco MDS SAN-OS Release 3.x, downgrades are not supported through the installer. To downgrade DCNM-SAN or Device Manager to an earlier release, you need to manually uninstall first and then reinstall the previous version of DCNM-SAN or Device Manager.
Upgrading DCNM-SAN Federated Server
To upgrade DCNM-SAN federated server on Linux and Solaris machines, follow these steps:
Step 1 Log on to the server node in the federation.
Step 2 Run $INSTALLDIR/FMServer.sh stop to stop the server node.
Step 3 Run the dcnm-installer-k9.5.2.0.252.S2.jar (java -Xmx512m -jar dcnm-installer-k9.5.2.0.252.S2.jar) on the first server node to upgrade the first server in the federation.
Step 4 Repeat steps 1 through step 3 on all the other servers nodes.
To upgrade DCNM-SAN federated server on a Windows machine, follow these steps:
Step 1 Log on to the server node in the federation.
Step 2 Stop the DCNM-SAN Server service. To stop the DCNM-SAN Server service, click Start > Control Panel > Administrative Tools > Services.
Step 3 Right-click Cisco DCNM-SAN Server services in the services window, and then click Stop to stop the services.
Step 4 Repeat step 1 through step 3 on all the server nodes.
Step 5 Run the dcnm-installer-k9.5.2.0.252.S2.jar (java -Xmx512m -jar dcnm-installer-k9.5.2.0.252.S2.jar) on the first server node to upgrade the first server.
Step 6 Repeat step 5 on all the other server nodes.
Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update Installer
As of Release 3.3(1a), you can use the Cisco MDS 9000 Fabric Manager Update Installer to upgrade:
- Fabric Manager Server
- Fabric Manager Standalone
The Fabric Manager Update Installer is smaller in size than the Fabric Manager installer which makes it easier to download. The update Installer has limited capability to upgrade Fabric Manager Server or the Fabric Manager Standalone version and it does not have the capability to install a database or the Fabric Manager Server infrastructure (JBoss). Table 1-1 shows the recommended Fabric Manager upgrade paths.
Table 1-1 Fabric Manager Upgrade Path Using Update Installer
|
|
|
3.0(x) |
3.3(1a) or above |
1. Upgrade to 3.1(x). 2. Upgrade to 3.2(x). 3. Upgrade to 3.3(x) or above by launching the update installer { java –Xmx512m –jar jar_file_name } and then follow the steps to upgrade Fabric Manager.
Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c) in Step 2.
|
3.1(x) 1 |
3.3(1a) or above |
1. Upgrade to 3.2(x). 2. Upgrade to 3.3(x) or above by launching the update installer { java –Xmx512m –jar jar_file_name } and then follow the steps to upgrade Fabric Manager.
Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c) in Step 1.
|
3.2(x) |
3.3(1a) or above |
1. Upgrade to 3.3(x) or above by launching the update installer{ java –Xmx512m –jar jar_file_name } and then follow the steps to upgrade Fabric Manager.
Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c).
|
3.3(x) |
NX-OS 4.1(1b) |
1. Upgrade to 4.1(x) or above by launching the update installer { java –Xmx512m –jar jar_file_name } and then follow the steps to upgrade Fabric Manager.
Note Change the server port to 9099 if you are not upgrading from Release 3.4(x).
|
Running DCNM-SAN Behind a Firewall
For Windows PCs running DCNM-SAN, Device Manager, and Performance Manager behind a firewall, certain ports need to be available.
By default, DCNM-SAN Client and Device Manager use the first available UDP port for sending and receiving SNMP responses. The UDP SNMP trap local ports are 1162 for DCNM-SAN, and 1163 or 1164 for Device Manager. DCNM-SAN Server also opens TCP RMI port 9099.
In Fabric Manager Release 2.1(2) or later, you can select the UDP port that Fabric Manager Client or Device Manager uses for SNMP responses by uncommenting the following statement:
- On a Windows desktop, uncomment the following in the FabricManager.bat or DeviceManager.bat file in the C:\Program Files\Cisco Systems\MDS9000\bin directory:
rem JVMARGS=%JVMARGS% -Dsnmp.localport=9001
- On a UNIX desktop, uncomment the following in the FabricManager.sh or DeviceManager.sh file in the $HOME/.cisco_mds9000/bin directory:
# JVMARGS=$JVMARGS -Dsnmp.localport=9001
In Fabric Manager Release 3.2(1) or later, Fabric Manager Client initiates communication with Fabric Manager Server on the port 9099 for Java Naming Directory and Interface (JNDI) lookup. Fabric Manager Server redirects the client to 1098 and JBoss directs the request to the appropriate service.
Fabric Manager Server proxy services uses a configurable TCP port (9198 by default) for SNMP communications between the Fabric Manager Client or Device Manager and Fabric Manager Server.
The Fabric Manager Server component requires two predictable TCP ports to be opened on the firewall for an incoming connection:
- server.port = 9099
- server.data.port = 9100
As long as these two ports are open, Fabric Manager Client can connect to the server. Other TCP ports connected to Fabric Manager Client are initiated by the server, which is behind the firewall.
The following table lists all ports used by DCNM-SAN applications:
|
|
|
SSH |
Port 22 (TCP) |
Telnet |
Port 23 (TCP) |
HTTP |
Port 80 (TCP) |
TFTP |
Port 69 (UDP) |
SNMP |
Port 161 (UDP) |
Syslog |
Port 514 (UDP) |
Used by DCNM-SAN Server and Performance Manager
|
SNMP_TRAP |
Port 2162 (UDP) |
SNMP |
Picks a random free local port (UDP) or 9198 (TCP) if SNMP proxy is enabled. Can be changed in server.properties. |
Java RMI |
Ports 9099, 9100 (TCP) |
|
SNMP |
Picks a random free local port (UDP) if SNMP proxy is enabled. Can be changed with the client -Dsnmp.localport option. |
Java RMI |
Picks a free local port between 19199 and 19399 (TCP). Can be changed with the client -Dclient.portStart and -Dclient.portEnd options. For example, -Dclient.portStart = 19199 -Dclient.portEnd = 19399. |
|
SNMP_TRAP |
Picks a free local port between 1163 and 1170 (UDP). |
SNMP |
Picks a random free local port (UDP) or 9198 (TCP) if SNMP proxy is enabled. Can be changed in server.properties. |
|
|
|
|
|
1098 (TCP) |
conf/jboss-service.xml |
jboss:service=Naming |
RMI Naming Service Port |
This port is for JNDI based naming services. The client look up this port for JNDI binding objects and resources. |
9099 (TCP) |
conf/jboss-service.xml |
jboss:service=Naming |
Bootstrap JNP Port ( FM changed 1099 to 9099) |
This port is for JNDI based naming services. The client look up this port for JNDI binding objects and resources. |
4444 (TCP) |
conf/jboss-service.xml |
jboss:service=invoker,type=jrmp |
RMI /JRMP ObjectPort |
The org.jboss.invocation.jrmp. server.JRMPInvoker class is an MBean service that provides the RMI/JRMP implementation of the Invoker interface. The JRMPInvoker exports itself as an RMI server so that when it is used as the Invoker in a remote client, the JRMPInvoker stub is sent to the client instead. |
4445 (TCP) |
conf/jboss-service.xml |
jboss:service=invoker,type=pooled |
Pooled Invoker |
The org.jboss.invocation. pooled.server.PooledInvoker is an MBean service that provides RMI over a custom socket transport implementation of the Invoker interface. The PooledInvoker exports itself as an RMI server so that when it is used as the Invoker in a remote client, the PooledInvoker stub is sent to the client instead and invocations use the a custom socket protocol. |
8009 (TCP) |
deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml |
jboss.web:service=WebServer? |
AJP Connector |
The AJP Connector element represents a Connector component that communicates with a web connector via the AJP protocol. This is used for invisibly integrating JBoss Web into an existing or a new Apache server. |
8083 (TCP) |
conf/jboss-service.xml |
jboss:service=WebService |
RMI dynamic class loader port |
The WebService MBean provides dynamic class loading for RMI access to the server EJBs. Used for web service |
8092 (TCP) |
deploy/jms/oil2-service.xml |
jboss.mq:service=InvocationLayer?,type=OIL2 |
Optimized Invocation Layer for JMS |
This port is used for JBossMQ services. JBossMQ is composed of several services working together to provide JMS API level services to client applications. Optimized Invocation Layer is a service used by JMS client. |
8093 (TCP) |
deploy/jms/uil2-service.xml |
jboss.mq:service=InvocationLayer?,type=UIL2 |
Unified Invocation Layer for JMS |
This port is used for JBossMQ services. JBossMQ is composed of several services working together to provide JMS API level services to client applications. Unified Invocation Layer is a service used by JMS client. |
3873 (TCP) |
Service end point for EJB3 aspect service |
JBoss EJB3 Aspect Service Deployer |
JBoss EJB3 Invoker |
This port used by the client to communicate with EJB3(Enterprise JavaBean 3.0) services on JBoss Server. |
DCNM-SAN Server Proxy Services
The DCNM-SAN Client and Device Manager use SNMP to communicate with the DCNM-SAN Server. In typical configurations, the DCNM-SAN Server may be installed behind a firewall. The SNMP proxy service available in Cisco Fabric Manager Release 2.1(1a) or later provides a TCP-based transport proxy for these SNMP requests. The SNMP proxy service allows you to block all UDP traffic at the firewall and configure DCNM-SAN Client to communicate over a configured TCP port.
DCNM-SAN uses the CLI for managing some features on the switches. These management tasks are used by DCNM-SAN and do not use the proxy services. Your firewall must remain open for CLI access for the following features:
- External and internal loopback test
- Flash files
- Create CLI user
- Security - ISCSI users
- Show image version
- Show tech
- Switch resident reports (syslog, accounting)
- Zone migration
- Show cores
If you are using the SNMP proxy service and another application on your server is using port 9198, you need to modify your workstation settings.
Note The MDS switch always checks the local SNMP users before the remote AAA users, unlike the CLI.
To modify a Windows workstation, follow these steps:
Step 1 Open Internet Explorer and select Tools > Internet Options.
You see the Internet Options dialog box.
Step 2 Select the Connections tab and click LAN Settings.
You see the LAN Settings dialog box.
Step 3 Check the Use a Proxy Server for your LAN check box and click Advanced.
Step 4 Add your server IP Address or local host under the Exceptions section.
Step 5 Click OK to save your changes.