Managing the Cisco APIC-EM

Adding Static Routes to the Controller

You can troubleshoot the Cisco APIC-EM installation by running the configuration wizard a second time and updating any earlier configuration entries, including the static routes used by the controller. The configuration wizard saves and displays your previous configuration settings, so you do not have to reenter them.


Note


When performing this procedure, controller downtime occurs. For this reason, we recommend that you perform this procedure during a maintenance time period. For information about changing settings for a multi-host configuration, see Changing the Settings in a Multi-Host Cluster.


Before You Begin

You have installed Cisco APIC-EM following the procedure described in the Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide.


    Step 1   Using a Secure Shell (SSH) client, log into the host (physical or virtual) with the IP address that you specified using the configuration wizard.
    Note   

    The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the host to the external network.

    Step 2   When prompted, enter your Linux username ('grapevine') and password for SSH access.
    Step 3   Restart the configuration wizard using the following command.
    $ config_wizard
    
    
    Note   

    The config_wizard command is in the PATH of the 'grapevine' user, and not the "root" user. Either run the command as the "grapevine" user, or fully qualify the command as the "root" user. For example: /home/grapevine/bin/config_wizard

    Step 4   Review the current configuration values in the configuration wizard and click next>>, until you access the specific step where you wish to update your previous configuration entry.

    For example, if you need to enter a new static route address, click next >> until you get to the NETWORK ADAPTER #1 (eth0) screen.

    Step 5   Update the value that was previously entered in the configuration wizard and is currently displayed.

    For static routes, you need to enter a list of space separated static routes in the following format:

    Network IP address/Netmask IP address/[Gateway IP address]

    Step 6   Click next>> until the last step of the configuration wizard process.
    Step 7   Click proceed>> to have the configuration wizard save and apply your configuration changes to your Cisco APIC-EM installation.

    Changing the Controller's IP Address

    You can troubleshoot the Cisco APIC-EM installation by running the configuration wizard a second time and updating any earlier configuration entries, including the IP address (host or virtual) of the controller. The configuration wizard saves and displays your previous configuration settings, so you do not have to reenter them.


    Note


    When performing this procedure, controller downtime occurs. For this reason, we recommend that you perform this procedure during a maintenance time period. For information about changing settings for a multi-host configuration, see Changing the Settings in a Multi-Host Cluster.


    Before You Begin

    You have installed Cisco APIC-EM following the procedure described in the Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide.


      Step 1   Using a Secure Shell (SSH) client, log into the host (physical or virtual) with the IP address that you specified using the configuration wizard.
      Note   

      The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the host to the external network.

      Step 2   When prompted, enter your Linux username ('grapevine') and password for SSH access.
      Step 3   Restart the configuration wizard using the following command.
      $ config_wizard
      
      
      Note   

      The config_wizard command is in the PATH of the 'grapevine' user, and not the "root" user. Either run the command as the "grapevine" user, or fully qualify the command as the "root" user. For example: /home/grapevine/bin/config_wizard

      Step 4   Review the current configuration values in the configuration wizard and click next>>, until you access the specific step where you wish to update your previous configuration entry.

      For example, if you need to enter a new host IP address, click next >> until you get to the NETWORK ADAPTER #1 (eth0) screen.

      Step 5   Update the value that was previously entered in the configuration wizard and is currently displayed.

      For example, you can update the host IP setting by entering a new IP address.

      Step 6   Click next>> until the last step of the configuration wizard process.
      Step 7   Click proceed>> to have the configuration wizard save and apply your configuration changes to your Cisco APIC-EM installation.

      Changing the Controller Settings in a Multi-Host Cluster

      To troubleshoot an issue with a multi-host cluster, you may need to change its configuration settings. This procedure describes how to change the Cisco APIC-EM external network settings, NTP server address, and/or password for the Linux grapevine user in a multi-host cluster. The external network settings that can be changed include:

      • Host IP address

      • Virtual IP address

      • DNS server

      • Default gateway

      • Static routes


      Note


      In order to change the external network settings, NTP server address, and/or the Linux grapevine user password in a multi-host deployment, you need to first break up the multi-host cluster. As a result, controller downtime occurs. For this reason, we recommend that you perform this procedure during a maintenance time period.


      Before You Begin

      You must have successfully configured the Cisco APIC-EM as a multi-host cluster using the configuration wizard, as described in the Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide.


        Step 1   Using a Secure Shell (SSH) client, log into one of the hosts in your cluster.

        Log in using the IP address that you specified using the configuration wizard.

        Note   

        The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the appliance to the external network.

        Step 2   When prompted, enter your Linux username ('grapevine') and password for SSH access.
        Step 3   Enter the following command to access the configuration wizard.
        $ config_wizard
        
        
        Note   

        The config_wizard command is in the PATH of the 'grapevine' user, and not the "root" user. Either run the command as the "grapevine" user, or fully qualify the command as the "root" user. For example: /home/grapevine/bin/config_wizard

        Step 4   Review the Welcome to the APIC-EM Configuration Wizard! screen and choose the option to remove the host from the cluster:
        • Remove this host from its APIC-EM cluster

        Step 5   A message appears with the following options:
        • [cancel]—Exit the configuration wizard.

        • [proceed]—Begin the process to remove this host from its cluster.

        Choose proceed>> to begin. After choosing proceed>>, the configuration wizard begins to remove this host from its cluster.

        At the end of this process, this host is removed from the cluster.

        Step 6   Repeat the above steps (steps 1-5) on a second host in the cluster.
        Note   

        You must repeat the above steps on each host in your cluster, until you only have a single host remaining. You must make your configuration changes on this final remaining host.

        Step 7   Using a Secure Shell (SSH) client, log into that final host in your cluster and run the configuration wizard.
        $ config_wizard
        
        

        After logging into the host, begin the configuration process.

        Step 8   Make any necessary changes to the configuration values for the external network settings, NTP server address, and/or password for the Linux grapevine user using the wizard.

        After making your configuration change(s), continue through the configuration process to the final message.

        Step 9   At the end of the configuration process, a final message appears stating that the wizard is now ready to proceed with applying the configuration.

        The following options are available:

        • [back]—Review and verify your configuration settings.

        • [cancel]—Discard your configuration settings and exit the configuration wizard.

        • [save & exit]—Save your configuration settings and exit the configuration wizard.

        • [proceed]—Save your configuration settings and begin applying them.

        Enter proceed>> to complete the installation. After entering proceed>>, the configuration wizard applies the configuration values that you entered above.

        Note   

        At the end of the configuration process, a CONFIGURATION SUCCEEDED! message appears.

        Step 10   Log into the other hosts in your multi-host cluster and use the configuration wizard to recreate the cluster.

        Refer to Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide for information about this specific procedure.


        Restoring the Controller to the Factory Default

        In certain situations, you may want to restore the Cisco APIC-EM to its original factory default settings. For example, if your controller appliance is being replaced or simply has an undesirable configuration that needs to be completely removed. Under these circumstances, you can restore the controller to its factory defaults and then proceed to reconfigure it as a new controller.

        This procedure describes how to a restore the factory defaults to the controller.


        Caution


        This procedure shuts down both the Cisco APIC-EM and the host (physical or virtual) on which it resides. At the end of this procedure, you will need to access the host and restart it.


        Before You Begin

        You have already installed the Cisco APIC-EM following the procedure described in the Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide.

        You have access to the Cisco APIC-EM using either a physical console or a Telnet connection.


          Step 1   Using a Secure Shell (SSH) client, log into the host (physical or virtual) with the IP address that you specified using the configuration wizard.
          Note   

          The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the host to the external network.

          Step 2   When prompted, enter your Linux username ('grapevine') and password for SSH access.
          Step 3   Enter the reset_grapevine factory command at the prompt.
          $ reset_grapevine factory
          
          
          Important:

          The reset_grapevine factory command will terminate if the SSH connection is disconnected for any reason. To avoid this, we recommend that you use tmux (terminal multiplexer) which is already installed on the controller to run the reset_grapevine factory command in the session. You can use the following commands for tmux:

          tmux new -s session_name 'reset_grapevine factory'

          Command to create a new session using tmux for reset-grapevine factory. Note that 'reset-grapevine factory' in this command is a string value and therefore must be entered within single quotation marks.

          For example, you can enter the following command:

          tmux new -s session100 'reset_grapevine factory'

          tmux ls

          Command to view a the list of tmux sessions.

          tmux attach -t session_name 'reset_grapevine factory'

          Command to attach to a tmux session. Note that 'reset-grapevine factory' in this command is a string value and therefore must be within single quotation marks.

          For example, you can enter the following command:

          tmux attach -t session200 'reset_grapevine factory'

          To get more information about tmux, you can run the man tmux command.

          Step 4   Enter your Linux grapevine password a second time to start the reset process.
          $ sudo password for grapevine *********
          
          

          After entering this command a warning appears that the reset_grapevine factory command will shut down the controller.

          You are then prompted to confirm your desire to run the reset_grapevine factory command.

          Step 5   Enter Yes to confirm that you want to run the reset_grapevine factory command.

          The controller then performs the following tasks:

          • Stops all running clients and services

          • Deletes all cluster data

          • Deletes all user data

          • Deletes the configuration files including secrets and private keys

          • Shuts down the controller

          • Shuts down the host (physical or virtual)


          What to Do Next

          Perform the following tasks:

          • Start up the host (physical or virtual).

          • After start up, the configuration wizard appears and prompts you to re-deploy the Cisco APIC-EM.

          • Proceed to re-deploy the Cisco APIC-EM using the configuration wizard.

          Shutting Down and Restarting the Controller

          Under certain circumstances, such as when troubleshooting, you might need to gracefully shutdown and then restart either a single host or a multi-host cluster.

          For information about shutting down and restarting a single host within a multi-host cluster, see the Cisco Application Policy Infrastructure Controller Enterprise Module Troubleshooting Guide.

          Before You Begin

          You should have installed the Cisco APIC-EM following the procedures in the Cisco Application Policy Infrastructure Controller Enterprise Module Installation Guide.


            Step 1   Using a Secure Shell (SSH) client, log into the host (appliance, server, or virtual machine) with the IP address that you specified using the configuration wizard.
            Note   

            The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the host to the external network.

            Step 2   When prompted, enter your Linux username ('grapevine') and password for SSH access.
            Step 3   Enter the harvest_all_clients command to harvest (gracefully shut down) all services on a single host or on multiple hosts within a multi-host cluster.
            $ sudo /home/grapevine/bin/harvest_all_clients
            
            
            Important:

            For a multi-host cluster, you only need to enter this command on one of the hosts to harvest (gracefully shut down) all services on all of hosts in the cluster.

            Step 4   Review the command output and subsequent directions.
            $ sudo /home/grapevine/bin/harvest_all_clients
            
            Disabled Grapevine policy
            Harvesting client 1f481f49-fabc-44f9-af5a-0481bd823165...
            Harvesting client 6dac3f56-fb05-4fd0-be06-d5c6869e23cd...
            Harvesting client c800924c-7603-4092-b1f8-0c19f5141acc...
            Waiting on task 05b9192c-9484-11e6-bdc2-0050569f3bee...
            Task '05b9192c-9484-11e6-bdc2-0050569f3bee' completed successfully
            Waiting on task 05da80da-9484-11e6-bdc2-0050569f3bee...
            Task '05da80da-9484-11e6-bdc2-0050569f3bee' completed successfully
            
            Successfully harvested all clients
            
            PLEASE NOTE:
            Grapevine policy has been DISABLED so that services and clients can be harvested.
            To start all services again, run the following command:
            
               grape config update enable_policy true
            
            
            Step 5   Power down the host, by entering the following command:
            $ sudo shutdown -h now
            
            

            Enter your password a second time when prompted.

            For a multi-host cluster, you will need to enter this command on each of the hosts in the multi-host cluster to shut them all down.

            Important:

            You need to ensure that the last host that was shutdown in a multi-host cluster is the very first host that is then restarted. Be sure to track the order in which the hosts are shutdown in a multi-host cluster.

            Step 6   Review the command output as the host shuts down.
            Note   

            The sudo shutdown command also powers off the host.

            Step 7   Power up the Grapevine root process by turning the host or hosts (in a multi-host cluster) back on.
            Important:

            For a multi-host cluster, be sure to restart the host that was shutdown last in the multi-host cluster. This must be the first host restarted.

            Step 8   Using a Secure Shell (SSH) client, log back into the host with the IP address that you specified using the configuration wizard.
            Note   

            The IP address to enter for the SSH client is the IP address that you configured for the network adapter. This IP address connects the host to the external network.

            Step 9   When prompted, enter your Linux username ('grapevine') and password for SSH access.
            Step 10   Enable Grapevine, by entering the following command on the Grapevine root:
            $ grape config update enable_policy true
            
            

            Wait a few minutes for the Cisco APIC-EM services to start up again.

            Important:

            For a multi-host cluster, you only need to enter this command on one of the hosts after all of the hosts have been successfully powered on.