Ensure that the new Nexus dashboard cluster is up and running and the NDO service is installed.

Open your new Nexus Dashboard Orchestrator service.

Add remote location for configuration backups.

1. From the left navigation pane, select Admin > Backup & Restore.

2. Choose the Remote Locations tab.

3. Choose Create Remote Location.

   The Create Remote Location screen appears.

4. Provide the name for the remote location and an optional description.

   Two protocols are currently supported for remote export of configuration backups:

   • SCP

   • SFTP

   Note

   SCP is supported for non-Windows servers only. If your remote location is a Windows server, you must use the SFTP protocol

5. Specify the host name or IP address of the remote server.

   Based on your Protocol selection, the server you specify must allow SCP or SFTP connections.

6. Provide the full path to a directory on the remote server where you will save the backups.

   The path must start with a slash (/) characters and must not contain periods (.) or backslashes (\). For example, /backups/ndo.

   Note

   The directory must already exist on the remote server.

7. Specify the port used to connect to the remote server.

   By default, port is set to 22.

8. Specify the authentication type used when connecting to the remote server.

   You can configure one of the following two authentication methods:

   • Password—provide the username and password used to log in to the remote server.

   • SSH Private Files—provide the username and the SSH Key/Passphrase pair used to log in to the remote server.

9. Click Save to add the remote server.

Import the backup file to your new Nexus Dashboard Orchestrator cluster.

1. From the left navigation pane, select Operations > Backups & Restore.

2. In the main pane, click Upload.

3. In the Upload to Remote window that opens, click Select File and choose the configuration backup file you created before the upgrade.

4. From the Remote Location dropdown menu, select the remote location.

5. (Optional) Update the remote location path.

   The target directory on the remote server, which you configured when creating the remote backup location, will be displayed in the Remote Path field.

   You can choose to append additional subdirectories to the path. However, the directories must be under the default configured path and must have been already created on the remote server.

6. Click Import to upload the file.

   Importing a backup will add it to the list of the backups displayed the Backups page. Note that even though the backups are shown on the NDO UI, the files are stored only on the remote server and not directly on the cluster nodes.

Restore the configuration.

1. In the main window, click the actions (…) icon next to the backup you want to restore and select Rollback to this backup.

   

2. In the Restore from this backup dialog, read the warning and click Restore to confirm that you want to restore the backup you selected.

   The restore process imports the backup and checks for any issues, which may take several minutes to complete. After the initial backup import, you will be prompted for additional validation in the next step, which is required for database upgrades from releases prior to release 4.0(1).

3. After the backup import is complete, ensure there are no failures listed in the report, then click Restore Validation Required to proceed.

   Before the configuration database is updated for this release, the upgrade process performs a number of validations. The validation provides a summary of template and policy changes that will be performed during this final upgrade stage in the next step and includes the following:

   • Implicit template stretching – if one or more objects are implicitly stretched, the upgrade process will create new explicitly-stretched templates and move the objects into those templates.

     For example, if you have a template (t1) that contains vrf1 and is associated to site1 and another template (t2) that contains a BD that references vrf1 but is associated to two sites (site1 and site2), then vrf1 will be implicitly stretched between the two sites.

     This is no longer allowed starting with release 4.0(1) and the VRF must be explicitly stretched to both sites. In such cases during the upgrade, the VRF will be either moved to a different template which will be explicitly stretched between both sites or the original template will be associated with both sites, depending on whether the other policies in that template require stretching as well.

     Any templates that are created in this case will be named UpgradeTemplate%d, where %d is an incrementing number starting with 1 to ensure that all newly added templates are unique.

   • Global policy migration – all global tenant policies (such as DHCP relay or route maps) and fabric policies (such as QoS) will be moved into the new tenant and fabric policy templates that have been added in release 4.0(1).

   Note

   At this stage, all the tenants have been imported from the backup and created in NDO, but the schemas and templates will be created in the next step.

4. In the Restore Validation Report window, click Restore and Continue to proceed.

   

   This is the stage of the upgrade where the schemas and the templates present in the backup are imported and recreated in your NDO configuration database according to the current best practices. These schemas and templates are then posted to the local NDO database as if it were a greenfield schema/template creation. Then the newly saved templates are deployed in the correct order that conforms to the current deployment requirements and best practices. The template deployment in this step uses a “local deploy” option to calculate the deployment plan and update the database, but does not send any configuration payload to the sites' controllers.

   The upgrade process also checks for any configuration drifts between the local NDO database (configuration that is correct from NDO's point of view) and what is actually deployed in the fabrics. If this release of NDO supports additional objects or properties compared to the release from which you are upgrading, the upgrade will automatically reconcile those drifts by importing the existing configuration from the site's controller.

   Note that if a template is automatically reconciled, two template versions are created – one before the automatic reconciliation and one after:

   

5. Review the report from the previous substep and click Ok to finish.

   The final stage of the database upgrade presents a full report of the performed actions for you to review. If you close the report but want to review it again, simply click the View Restore Report in the Backups page.

Verify that backup was restored successfully and all objects and configurations are present.

1. In the Sites page, verify that all sites are listed as Managed.

2. In the Tenants and Schemas pages, confirm that all tenants and schemas from your previous Nexus Dashboard Orchestrator cluster are present.

3. Navigate to Infrastructure > Site Connectivity and confirm that intersite connectivity is intact.

   In the main pane, click Show Connectivity Status next to each site and verify that the existing tunnels are up and connectivity was not interrupted.

4. In the main pane, click Configure to open Fabric Connectivity Infra screen and verify External Subnet Pool addresses.

   You can view the external subnet pools by selecting General Settings > IPSec Tunnel Subnet Pools tab of the Fabric Connectivity Infra screen and verify that the External Subnet Pools previously configured in Cloud Network Controller have been imported from the cloud sites.

   These subnets are used to address the IPsec tunnel interfaces and loopbacks of the Cloud Routers used for on-premises connectivity and had to be configured directly in the Cloud Network Controller in earlier Nexus Dashboard Orchestrator releases.