Additional Administration

This section contains the following topics:

IC3000 Image Installation

The IC3000 is shipped with a factory installed image. Once the device is powered up the version installed can be verified by running the show versioncommand via the console. If the version is the latest CCO version, or a recommended version, you may continue with your next steps.

For example: 


ic3k>show version
Version: 1.2.1
Platform ID: IC3000-2C2F-K9
Hardware ID: FOC2235V0SW
ic3k>

The version string shown in the example is a representation of the CCO download image C3000-K9-1.2.1.SPA.

If the version is an older version and needs to be upgraded, then please download the latest version from CCO site and update the firmware using LM or FND.


Note
As of release 1.3.1, the operating image is verified before flashing to the boot. The system will check the image, and if it is found corrupt, an error will be returned to the updater agent. This error will be propagated to the end user to inform them about the cause of the image update failure.

Choose LM or FND as a preference of choice. For example, if you are accessing the device locally connected to a PC, then you may be able to use LM to upgrade the firmware. If you are managing a number of IC3000 devices via FND, then you should be able to use the firmware update tab in FND to upgrade the firmware.

The LM work flow is as follows:

The LM work flow is as follows:

Procedure

Step 1

Connect the IC3000 to a laptop or use the svcbr_0 interface address and access the LM via the following URL: https://<ipaddress> :8443

Step 2

Select the Device Config tab, then click the Choose File button in the Software Upgrade section to select the image file. See Figure 1. Click the Upload & Install button to upload the image. Note that the device will be rebooted after the new image is installed. Note : the device configuration tab will not be enabled in standalone mode. You should be in standalone mode to access the device configuration tab and this can be achieved by factory resetting the box. Refer to reset button options in IC3000 Related for details.

Figure 1. Device Config Tab

The FND work flow is as follows:

Please follow the Step 9: Upgrading Firmware with FND, page 8 procedure.

Note 
The reboot time is approximately 3 minutes and the size of the firmware is roughly 160MB. It could take 5 to 6 minutes for the IC3000 to upgrade the firmware. The CAF or IGMA will be upgraded as well, and will be automatically loaded and running once the device is up. There is no upgrade needed for CAF.

SSH Access

SSH access is disabled by default to prevent unauthorized access to the device. However, you can troubleshoot an application while you are in standalone mode. The application console is enabled in standalone mode. If standalone mode is off, the application console access is disabled.

Connecting to the Console of a Running Application

Accessing the console of a running application while in standalone mode can be used to troubleshoot and debug a running or failing application. Connecting to the application console can be done using the address of the svcbr_0 interface of the IC3000. It can be a Link-Local Address of 169.254.128.2 or a dhcp address. For Cyber Vision cases, use the IP address configured via USB when filling out the Hosts Management IP address field.

Connecting to the Application Console using the Command Prompt/Terminal

Follow these steps:

Procedure

Step 1

Deploy, Activate, and Start an IOx Application.

  1. Access the Local Manager through your browser in order to deploy, activate and start your IOx application package.

  2. Optionally, you can enable the debug option when you activate the application as shown in Figure 1. This prevents the application container from stopping when your application terminates unexpectedly.

    Figure 2. Resources
Step 2

Save the PEM certificate on your local machine.

  1. Create the *.pem file by going to the terminal and running touch <pemFileName>.pem in the directory you want to save the certificate. For example:

    Example:

    
Device$ cd Desktop - 
Change directory to your Desktop
Device$ mkdir pem_certificates - 
Makes a directory called pem_certificates
Device$ cd pem_certificates/ - 
Change directory to the pem_certificates directory
Device$ touch CiscoCyberVision.pem -
Creates a file named CiscoCyberVision.pem
 
Device$ ls - 
Lists the contents of the directory
  CiscoCyberVision.pem

  2. Get the private key of the container by going to Local Manager -> Application -> <specific app> -> Manage -> App Info -> *.pem file. Clicking on CiscoCyberVision.pem displays the contents of the private key. See Figure 2 and Figure 3.

    Figure 3. Click to Display Key
    Figure 4. App info Page

  3. Save the private key by copying the entire content into the <pemFileName>.pem file you created in Step 2a. Make sure to save the changes. For example:

    Example:

    
Device$ vi CiscoCyberVision.pem  - 
Opens the file in the vi editor
*cut and paste the contents of the file into the open file*
Device$ wq - 
Writes the file and quits the vi editor
Device$ cat CiscoCyberVision.pem - 
Displays the contents of the file

  4. Add the necessary permissions for the file. Recommended using "chmod 600". For example:

    Example:

    
Device$pwd - 
Prints the working directory
Desktop/pem_certificates
Device$ls - 
Displays the contents of the directory
  CiscoCyberVision.pem 
Device$chmod 600 CiscoCyberVision.pem - 
Changes the mode of the file to 600 which is more secure

  5. If you see a warning as shown in Figure 4 when trying to ssh to the application console, it is because the current file permissions are too open.

    Figure 5. Warning Message
Step 3

SSH to the Application Console.

  1. Run the command that is found under the App info tab in the directory you saved the pem certificate: ssh -p {SSH_PORT} -i <pemFileName>.pem appconsole@169.254.128.2 {SSH_PORT} = 22

    Figure 6. App Access
Step 4

You should now be able to navigate the app logs to begin troubleshooting.

Connecting to the Application Console using PuTTY

PuTTY is an SSH and telnet client, developed originally by Simon Tatham for the Windows platform. PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers.

Follow steps 1 and 2 under the Connecting to the Application Console using the Command Prompt/Terminal before starting a PuTTY session.

On Windows, when you use PuTTY, first convert the .pem file to a PuTTY-compatible .ppk with the use of PuTTygen.

Follow these steps:

Procedure

Step 1

Start PuTTygen by navigating to File > Load private key as shown in Figure 1.

Figure 7. PuTTY Key Generator
Step 2

Set the file filter to All Files and open the downloaded .pem as shown in the following graphic.

Figure 8. File Filter
Step 3

Go to File > Save private key and save the .pem as .ppk as shown in Figure 3.

Figure 9. Save Key
Step 4

Once you have the .ppk, start PuTTY and enter 169.254.128.2, port 22 in the session dialog. Next, go to Connection - SSH - Auth and supply the private key file < test>.ppk file as shown in the following graphic.

Figure 10. PuTTY Configuration
Step 5

Click Open in order to start the session. Enter the username appconsole as shown in the following graphic.

Figure 11. PuTTY Session

Performing these steps should bring you to the application console of the running IOx container on the IC3000.

Audit Trail for Application Management Operations


Note
This functionality is only supported in the IoT FND and Fog Director Integrated Solution.

The following two Application Management operations will generate an Audit Log:

  • Install App
  • Uninstall App

Note
There is no audit trail to track when you import or delete an application to or from the IoT FND and Fog Director Integrated Solution.

To view the Audit Log details, choose ADMIN > SYSTEM MANAGEMENT > AUDIT TRAIL.

Figure 12. Audit Trail

Note
You can now import multiple versions of the same application.

Troubleshooting

This section provides some tips for troubleshooting problems that may occur.

IC3000 Related

Reset Button Options

The device can be returned to the original factory configuration by using the reset button. The reset button is a small button accessed through a pinhole located on the front of the device. For the location, see the IC3000 Hardware Configuration Guide .

The reset button options have changed with release 1.3.1. The following table shows the timings before and after release 1.3.1:

Table 1. Reset Button Timings

Prior to Release 1.3.1

Release 1.3.1 and Beyond

Action

Time Pressed and Released in Seconds

Time Pressed and Released in Seconds

Reload

10-15

10-20

Configuration Reset

30-35

30-50

Factory Reset

60-65

60-80

Note
Release 1.3.1 provides an enhanced Factory Reset and Configuration Reset. Both are described here: Enhanced Reset Options for Release 1.3.1

Use the following commands from the console to determine the status of running applications.

  • To view which version of software the device is running: 

#show version
  • To view whether the device is running standalone mode or managed mode: 

#show ida
  • To view the status of IOx: 

#show iox summary
#show iox details

Note
If an SD card is inserted into its slot, the show tech support command will copy tech support logs to the USB or SD card. The logs can be viewed later on a PC. The USB or SD card should be formatted as an ext2/ext4, ExFAT, or FAT32 filesystem.

Examples of Show Commands


ic3k>show
 ?
clock
dns
ida
interfaces
iox
ntp
operating-mode 
tech-support
version
ic3k>

ic3k>show clock
Tue Aug 13 22:22:12 UTC 2019
ic3k>

ic3k>show dns
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.27.88.104
nameserver 173.36.131.10
search cisco.com example.com example.edu example.org
ic3k

ic3k>show dns manual-config
Nameserver 1 : 172.27.88.104
Nameserver 2 : 173.36.131.10
Domain : cisco.com
Search 1 : example.com
Search 2 : example.edu
Search 3 : example.org
ic3k>

ic3k>show dns mode
DNS Mode : Manual
ic3k>

ic3k>show ida status
IDA Version: 2.2.0
Status: Running                     
> The ida is running 
Operation Mode: Standalone          
> The device is in standalone mode
FND Host: 172.27.88.60:9121         
> The device is connected to an FND host IP address
FND Connection Status: Connected    
> The device is connected to FND
Periodic Metrics Interval: 300      
> The device will update its metrics every 300 seconds
Heartbeat Interval: 60              
> What is the heartbeat for?
Is Registered: True                 
> The device is registered with FND
HTTP Server Status: N/A (Stopped)
Remote Device Management: N/A

ic3k>show interfaces
 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
    link/sit 0.0.0.0 brd 0.0.0.0
3: int1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master dpbr_1 state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:23 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d2ec:35ff:fecb:5e23/64 scope link
       valid_lft forever preferred_lft forever
4: int2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master dpbr_2 state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:24 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d2ec:35ff:fecb:5e24/64 scope link
       valid_lft forever preferred_lft forever
5: int3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master dpbr_3 state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:25 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d2ec:35ff:fecb:5e25/64 scope link
       valid_lft forever preferred_lft forever
6: int4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master dpbr_4 state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:26 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d2ec:35ff:fecb:5e26/64 scope link
       valid_lft forever preferred_lft forever
7: mgmt0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master svcbr_0 state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:20 brd ff:ff:ff:ff:ff:ff
8: svcbr_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d0:ec:35:cb:5e:20 brd ff:ff:ff:ff:ff:ff
    inet 172.27.168.53/25 brd 172.27.168.127 scope global svcbr_0
       valid_lft forever preferred_lft forever
    inet6 2001:face::d2ec:35ff:fecb:5e20/64 scope global dynamic mngtmpaddr
       valid_lft 2591980sec preferred_lft 604780sec
    inet6 fe80::d2ec:35ff:fecb:5e20/64 scope link
       valid_lft forever preferred_lft forever
9: dpbr_docker_n_0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:00:9e:fa:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.65/27 brd 192.168.10.95 scope global dpbr_docker_n_0
       valid_lft forever preferred_lft forever
10: dpbr_n_0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:c7:5a:5d brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.1/27 brd 192.168.10.31 scope global dpbr_n_0
       valid_lft forever preferred_lft forever
11: dpbr_n_0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_n_0 state DOWN group default qlen 1000
    link/ether 52:54:00:c7:5a:5d brd ff:ff:ff:ff:ff:ff
12: dpbr_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 4a:0c:17:5b:48:e8 brd ff:ff:ff:ff:ff:ff
13: dpbr_0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_0 state DOWN group default qlen 1000
    link/ether 52:54:00:1e:5d:42 brd ff:ff:ff:ff:ff:ff
14: veth1_0@veth0_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master dpbr_0 state UP group default qlen
1000
    link/ether 4a:0c:17:5b:48:e8 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::480c:17ff:fe5b:48e8/64 scope link
       valid_lft forever preferred_lft forever
15: veth0_0@veth1_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master svcbr_0 state UP group default qlen
 1000
    link/ether fe:54:dd:a7:53:e1 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc54:ddff:fea7:53e1/64 scope link
       valid_lft forever preferred_lft forever
16: dpbr_1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:83:c0:e3 brd ff:ff:ff:ff:ff:ff
17: dpbr_1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_1 state DOWN group default qlen 1000
    link/ether 52:54:00:83:c0:e3 brd ff:ff:ff:ff:ff:ff
18: dpbr_2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:a1:1f:99 brd ff:ff:ff:ff:ff:ff
19: dpbr_2-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_2 state DOWN group default qlen 1000
    link/ether 52:54:00:a1:1f:99 brd ff:ff:ff:ff:ff:ff
20: dpbr_3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:a2:67:10 brd ff:ff:ff:ff:ff:ff
21: dpbr_3-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_3 state DOWN group default qlen 1000
    link/ether 52:54:00:a2:67:10 brd ff:ff:ff:ff:ff:ff
22: dpbr_4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:6a:bb:22 brd ff:ff:ff:ff:ff:ff
23: dpbr_4-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master dpbr_4 state DOWN group default qlen 1000
    link/ether 52:54:00:6a:bb:22 brd ff:ff:ff:ff:ff:ff
ic3k>

ic3k>show iox summary
 
IOx Infrastructure Summary:
---------------------------
eid: IC3000-2C2F-K9+FCH2307Y02C
pfm: IC3000-2C2F-K9
s/n: FCH2307Y02C
images: Lnx: 0.10.481., IOx: 1.10.0:r/1.10.0.0:530203c
boot: 2019-11-09 01:10:38
time: 2019-11-15 01:14:04
load: 01:14:04 up 6 days, 3 min, 0 users, load average: 0.05, 0.05, 0.06
memory: ok, used: 1691/7795 (21%)
disk: ok, used: /:491560/549348 (89%), /software:351932/87462892 (0%)
process: ok, running: 5/5
networking: warning, failed: gateway
logs: warning, errors: caf (1)
apps: ok, CyberVisionSensor (R)

ic3k>show iox detail
 
IOx Infrastructure Summary:
---------------------------
eid: IC3000-2C2F-K9+FCH2307Y02C
pfm: IC3000-2C2F-K9
s/n: FCH2307Y02C
images: Lnx: 0.10.481., IOx: 1.10.0:r/1.10.0.0:530203c
boot: 2019-11-09 01:10:38
time: 2019-11-15 01:14:54
load: 01:14:54 up 6 days, 4 min, 0 users, load average: 0.19, 0.09, 0.07
memory: ok, used: 1691/7795 (21%)
disk: ok, used: /:491560/549348 (89%), /software:351932/87462892 (0%)
process: ok, running: 5/5
networking: warning, failed: gateway
logs: warning, errors: caf (1)
apps: ok, CyberVisionSensor (R)
Application Information:
------------------------
--Virsh--
Containers:
 Id    Name                           State
----------------------------------------------------
Virtual Machines:
 Id    Name                           State
----------------------------------------------------
 1     CyberVisionSensor              running
Networking Information:
-----------------------
--Address--
svcbr_0 UP 172.27.166.6/25 7000::d2ec:35ff:feca:1de0/64 fe80::d2ec:35ff:feca:1de0/64
--Interface Stats--
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
svcbr_0 1500 0 1653011 0 13236 0 27045 0 0 0 BMRU
dpbr_0 1500 0 1888079 0 13236 0 0 0 0 0 BMRU
dpbr_n_0 1500 0 0 0 0 0 0 0 0 0 BMU
--Bridge Info--
bridge name	    bridge id		            STP enabled	     interfaces
dpbr_0		       8000.525400b0d5d7	     no		              dpbr_0-nic
							veth1_0
							vnet0
dpbr_1		       8000.525400963909	     no		d             pbr_1-nic
							int1
							vnet1
dpbr_2		       8000.525400b2265b	     no		              dpbr_2-nic
							int2
							vnet2
dpbr_3		       8000.5254002c5c97     	no		              dpbr_3-nic
							int3
							vnet3
dpbr_4		       8000.5254005ddacd     	no		              dpbr_4-nic
							int4
							vnet4
dpbr_docker_n_0		  8000.0242b1138a88	  no              dpbr_n_0-nic
dpbr_n_0		        8000.525400483753	   no		               mgmt0
svcbr_0		        8000.d0ec35ca1de0	   yes		              veth0_0
							                          
--IP Routes--
Limit exceeded
Process Information:
--------------------
--Monit--
Process 'mhdserver'
 status Running
 pid 1707
 uptime 6d 0h 2m
 memory percent total 0.0%
 cpu percent total 0.0%
Process 'dockerd'
 status Running
 pid 1467
 uptime 6d 0h 2m
 memory percent total 1.0%
 cpu percent total 0.2%
Process 'igma'
 status Running
 pid 2109
 uptime 6d 0h 2m
 memory percent total 0.1%
 cpu percent total 0.0%
Process 'libvirtd'
 status Running
 pid 1638
 uptime 6d 0h 2m
 memory percent total 0.1%
 cpu percent total 0.0%
Process 'caf'
 status Running
 pid 2088
 uptime 6d 0h 2m
 memory percent total 0.7%
 cpu percent total 0.0%
--Process Info--
  PID STIME CMD
 1697 Nov09 /usr/bin/monit -s /var/run/monit.state
 2088 Nov09 python /home/root/iox/caf/scripts/startup.pyc /home/root/iox/caf/config/system-config.ini /home/root/iox/caf/config/log-config.ini
 1638 Nov09 /usr/sbin/libvirtd --daemon --listen
 2458 Nov09 /usr/sbin/sshd
 2109 Nov09 /usr/bin/igma
--PID info--
monit:1697
caf:2088
libvirtd:1638
sshd:2458
igma:2109
Disk Usage Information:
-----------------------
--Free Disk--
Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/root 595000 491560 57788 90% /
/dev/sda2 92167844 351932 87110960 1% /software
--Mount--
/dev/ram on / type ext4 (rw,relatime,data=ordered)
/dev/sda2 on /software type ext4 (rw,relatime,data=ordered)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /var/volatile type tmpfs (rw,relatime)
cgroup on /sys/fs/cgroup type tmpfs (rw,relatime,mode=755)
--Top Disk Usage--
/*:
430M	/usr
316M	/boot
/software/*:
288M	/software/caf
ic3k>

ic3k>show ntp
 
NTP Servers received from DHCP:
171.70.168.183
ic3k>
ic3k>show ntp manual-config
NTP-Server : 3.ntp.esl.cisco.com
NTP-Server : 10.81.254.202
NTP-Server : 10.81.254.131
NTP-Server : 7.ntp.esl.cisco.com
Preferred-Server : 172.27.88.109 Key : 11
Keys Configuration
Id Type Password
------------------
11  SHA1  pzybf0e2atybc612abb4b08d459f652acudad8eb9
ic3k>
ic3k>show ntp association
     remote           refid                     st   t   when poll reach   delay   offset  jitter
==============================================================================
 127.127.1.0     .LOCL.                  14    l  27h   64    0        0.000    0.000   0.000
*172.27.88.109   171.68.38.65       2    u  167 1024  377    0.450   -0.012   0.228
+10.81.254.202   .GNSS.               1    u  902 1024  377   72.843    0.062   0.274
-10.81.254.131   .GNSS.                1    u  769 1024  377   72.367    0.385   0.217
+171.68.38.65    .GNSS.                1    u  708 1024  317    2.389   -0.085   0.279
+72.163.32.44    .GNSS.                1    u  909 1024  377   43.472    0.042   0.216
-144.254.15.78   .GNSS.                1    u  228 1024  377  164.244    4.440   0.440
ind assid status  conf reach  auth   condition  last_event         cnt
===========================================================
  1 37781  8013   yes    no   none     reject       unreachable       1
  2 37782  f61a   yes   yes     ok       sys.peer      sys_peer         1
  3 37783  9414   yes   yes   none   candidate   reachable         1
  4 37784  9314   yes   yes   none     outlier       reachable         1
  5 37785  9414   yes   yes   none   candidate   reachable         1
  6 37786  9414   yes   yes   none   candidate   reachable         1
  7 37787  9314   yes   yes   none     outlier       reachable         1
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
ic3k>

ic3k>show ntp status
Clock is synchronized, stratum 3,reference is 172.27.88.109
nominal freq is 100.0000HZ, precision is 2**21
reference time is E0FDB617.0D1C5651 (22:20:07.051000 Tue Aug 13 2019)
clock offset is -0.011554 msec, root delay is 2.861 msec
root dispersion is 60.971 msec, peer dispersion is 15.260 msec
ic3k>

ic3k>show ntp mode
NTP Mode : Manual
ic3k>

ic3k>show operating-mode
 
Operating-mode: Standalone
Remote Device Management: Enabled
ic3k>

ic3k>show version
 
Version: 1.2.1
Platform ID: IC3000-2C2F-K9
Hardware ID: FOC2227Y304
ic3k>

ic3k>help standalone-mode
 
In standalone mode, the IC3000 is an unmanaged device. It will be controlled via Local Manager and ioxclient.
1. Connect the Management interface on the IC3000 to your Computer with a network cable.
2. Assign "169.254.x.x (netmask 255.255.0.0)" IP address to the network interface on your computer. NOTE: Use any IP address other than 169.254.128.2 within 169.254.x.x subnet.
4. The IC3000 will be ready to operate in standalone mode in 30 seconds (The delay of 30 seconds only occurs the first time the IC3000 is booted up. All subsequent reloads will immediately take the IC3000 to standalone mode without delay).
5. Access "https://169.254.128.2:8443" from your browser on the computer.
6. Login using the default user and password.
7. Change the default password; user will be logged out of the Local Manager.
8. Login using the default user and the password you set in the previous step.
ic3k>

ic3k>help managed-mode
 
In managed mode, the IC3000 is managed by the IoT Field Network Director (FND).
1. Setup a DHCP server for assigning an IP address to the management interface.
2. DHCP server MUST provide "option 43" to the IC3000 for FND discovery.
         - Option 43 string must carry "I<fnd ip or host>". Example - "I172.27.133.25"
3. Connect the management interface to the DHCP server.
4. Claim the IC3000 on the FND setup suitable configurations. Follow FND User Guide from Cisco's website.
5. The IC3000 will connect with FND after the DHCP discovery process is completed.
ic3k>

Enhanced Reset Options for Release 1.3.1

Release 1.3.1 has changed the way Factory reset and configuration reset work:

Enhanced Factory Reset

The factory reset behavior has changed with this release. Factory reset will restore applications if the device was ordered with the application. After factory reset is executed, the device will return with the application in a running state as it came from the factory, with the default configuration on the platform.

If there was not an application shipped from the factory, then the application will not be restored. User installed applications on the device will be erased from the device by this operation.

If the device was shipped prior to release 1.3, the factory reset cannot restore the APP, even if the current running image version is 1.3. This action will result in a loss of all user installed applications, and the device will not have any applications after the reload.

Enhanced Configuration Reset

The configuration reset behavior has changed with this release.

On the IC3000 Platform

When a configuration reset is executed, the system configuration and logs are erased. After the reload, the IC3000 will boot up into a default configuration with respect to the system configuration and logs.

IOx Applications

Previous behavior was to delete all the IOx applications during configuration reset. Release 1.3.1 changed this behavior to NOT delete all IOx applications. All pre-existing applications will come back to the same operational state after the configuration reset.

All activated and running applications will get notified of a platform configuration reset operation via a sentinel file at $CAF_APP_CONFIG_DIR/.iox_app_config_reset. Applications can make use of this sentinel file to reload the application configuration upon platform configuration reset operation. Then, the application is expected to delete this sentinel file.

Local Manager Related

The Local Manager GUI provides some details on your device status.

  • To debug Application status use the APP Tab
  • To download APP logs go to the APP Tab > Manage APP > APP-Dir or App-Logs and download the logs.
  • To view Application failure issues go to the System Troubleshooting Tab and look for events or errors.

FND Related

If your device is not registering with FND, check the following:

  • Check the option 43 address format, and validate if it is the correct ip address of FND
  • Check the platform show ida status and show interfaces status to see which ip address the device has learned.
  • Check the FND provisional setting URL to ensure FND IP address:9121
  • Check whether the serial number in the FND input file is accurate

FND Logs

See the following table for details on the location and names of FND log files.

File Type

Host

Container

Files

FND-logs

/opt/fnd/logs/

/opt/cgms/server/cgms/log/

cgms_setup.log

server.log

access_log.<date>

cgms_stacktrace.log

cgms_db_connection_test.log

cgms_status.log

FND-data

/opt/fnd/data/

/tmp/fnd-data/

cgms_keystore.selfsigned

cgms.properties

userPropertyTypes.xml

FND-scripts

/opt/fnd/scripts/

N/A

upgrade-fnd.sh (To upgrade FND docker image)

Note : If required Postgres, Influx rpm has to be upgraded separately on the host.)

Docker environment

/opt/fnd/conf/

N/A

fnd-env.list

See the following table for details on the location and names of FD log files.

File Type

Host

Container

Files

FD-logs

/var/lib/docker/volumes/fd_logs/_data/

/var/log/fd

application.log

appmgr-console.log

catalina.out

host-manager.<date>.log

manager.<date>.log

appmgr-backup-restore.log

catalina.<date>.log

hibernate

localhost.<date>.log

metrics

usagestats

FD-data

/var/lib/docker/volumes/fogd_data/_data/

/var/cisco/appmgr

.bash_history

.bashrc

backup

certificate

extensions

fog_director.properties

.InstallAnywhere

.java

.keystore

.profile

.rnd

FD-scripts

/opt/fogd/scripts/

upgrade-fogd.sh (To upgrade FogD docker image)

Docker environment

/opt/fogd/conf/

fogd-env.list