Catalyst 9800系列无线LAN控制器上的无中断软件升级
目录
简介
本文档介绍如何在Catalyst 9800系列无线LAN控制器上执行N+1无中断软件升级。
作者:思科TAC工程师Anand Shandilya。
先决条件
要求
Cisco 建议您了解以下主题:
-
Catalyst 9800无线LAN控制器和AP(IOS和ClickOS)平台
- Catalyst 9800无线LAN控制器软件功能集
使用的组件
本文档中提供的信息基于以下软件和硬件组件。
- Catalyst C9800-40和C9800-L-F-K9无线局域网控制器
- 点击OS和IOS AP
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。
背景信息
现有CAPWAP实施要求WLC和AP位于同一软件版本。因此,WLC升级后,AP会升级,从而不可避免地导致网络中断。使用现有实施,在不安排停机时间的情况下升级WLC是不可能的。
无中断升级利用N+1高可用性的概念,使用备用WLC(已升级到目标版本)来升级CAPWAP基础设施。然后,使用滚动AP升级功能以交错方式升级AP,通过不让所有AP一次性升级避免网络中断。这可确保在其中一个AP执行升级过程时,相邻AP为客户端提供服务。
工作流
- 将备用WLC升级到目标版本。
- 在生产WLC和备用WLC之间建立移动隧道。
- 使用install add file命令在生产控制器上启动升级。
- 预下载AP。
- 将AP移动到目标控制器(备用WLC)。使用滚动AP升级算法以交错方式升级AP。
- 一旦所有AP通过多次迭代移动到备用WLC,将激活生产WLC上的目标映像。
- 生产WLC重新加载,使新映像生效。
- 将所有AP移回生产控制器。
滚动AP升级算法
算法分三个阶段运行。
1.候选AP集选择
首先,根据附近AP信息选择一组候选。滚动AP升级算法在保持RF覆盖的同时,选择每个迭代中要升级的已配置AP的百分比
用于为无线客户端提供服务。维护覆盖非常重要,因此,它优先于选择所需的AP数量。因此,
对于P = 25%,所有AP升级到约6的预期迭代次数
对于P = 15%,所有AP预期的迭代次数可升级到12
对于P = 5%,所有AP预期的迭代次数可升级约22
2.客户引导
在重新启动候选AP之前,将候选AP上的客户端引导至不在候选列表中的AP。如果客户端仍在候选AP上保留,它们将只发送一个取消身份验证帧,AP将随新映像重新加载。
3. AP重新加载和重新加入
在客户端引导阶段后,AP将重新加载新映像。
此时,AP将启动3分钟计时器以重新加入。当此计时器过期时,会检查并标记所有候选AP,以查看它们所连接的WLC(自身或对等体)。
如果至少90%的候选AP已连接回,则结束迭代。否则,3分钟窗口将延长,并再重复两次检查,直到计数达到至少90%。
在第3次尝试结束时,仍会结束迭代,并启动下一次迭代。因此,每次迭代最多可持续10分钟。
限制
- 非客户端服务AP(如在监控器中工作的AP、嗅探器模式等)在程序的其余步骤开始之前一次性升级。
- 滚动AP升级不支持网状AP。如果部署有网状AP,则它们将在一次性升级,并在所有迭代结束时进行升级。
- 16.10只有一个CLI选项可供配置。
- 在GUI显示启用无中断升级的选项之前,需要注册AP。
- 在捆绑模式下运行的控制器不支持无中断升级。
拓扑
配置
从GUI
1.在控制器之间建立移动隧道。
2.在控制器上启动升级。同时启用无中断升级选项。或者,启用Fallback after upgrade,以便AP在激活新映像并重新加载父控制器后移回父控制器(无需交换和重置)。
3.完成所有阶段后,WLC会提示重新加载。
从CLI
1.在控制器之间建立移动隧道。
9800-40(config)#wireless mobility group member mac-address d478.9b3c.4ecb ip 10.106.36.78 public-ip 10.106.36.78 group default 9800-L(config)#wireless mobility group member mac-address d4e8.80b2.dc8b ip 10.106.36.110 public-ip 10.106.36.110 group default
2.在控制器上启动升级。
9800-40#install add file flash:C9800-40-universalk9_wlc.17.01.01s.SPA.bin
安装成功后,新映像应处于非活动状态。
9800-40#show install summary [ Chassis 1 ] Installed Package(s) Information: State (St): I - Inactive, U - Activated & Uncommitted, C - Activated & Committed, D - Deactivated & Uncommitted -------------------------------------------------------------------------------- Type St Filename/Version -------------------------------------------------------------------------------- IMG I 17.1.1s.0.351 IMG C 16.12.2s.0.47 -------------------------------------------------------------------------------- Auto abort timer: inactive --------------------------------------------------------------------------------
3.在AP上启动预下载,以将新映像作为AP上的备份加载。
9800-40#ap image predownload
要检查预下载状态,请使用此命令。
9800-40#show ap image
Total number of APs: 5
Number of APs
Initiated : 0
Predownloading : 1
Completed predownloading : 3
Not Supported : 0
Failed to Predownload : 0
Predownload in progress : Yes
AP Name Primary Image Backup Image Predownload Status Predownload Version Next Retry Time Retry Count
-------------------------------------------------------------------------------------------------------------------------------------------------------
AP3800 16.12.2.132 17.1.1.29 Complete 17.1.1.29 0 0
3800-2 16.12.2.132 17.1.1.29 Complete 17.1.1.29 0 0
4800-1 16.12.2.132 17.1.1.29 Complete 17.1.1.29 0 0
3702I-2 16.12.2.132 0.0.0.0 Predownloading 17.1.1.29 0 0
4.或者,如果需要配置每次迭代要升级的AP的百分比,可以使用此命令。默认值为 15。
9800-40(config)#ap upgrade staggered ? 15 15 percent APs per iteration 25 25 percent APs per iteration 5 5 percent APs per iteration one-shot All APs in one shot, no staggering
5.在所有AP上完成预下载后,您必须将AP移至在更新代码上运行的备用控制器。
9800-40#ap image upgrade destination 9800-L 10.106.36.78 fallback
此命令将使用swap and reset命令将AP移动到指定的目标WLC。Swap命令交换AP映像,以便目标代码被标记为AP的主映像,而reset命令重新加载AP。假设目的WLC与AP备份映像的版本相同。
或者,可以使用fallback 关键字启用Fallback after Upgrade选项,以便AP在激活新映像并重新加载源控制器后(无需交换和重置)移回父控制器。
6.所有AP移动到目标控制器后,在源WLC上激活映像。
在目标WLC上,验证所有AP是否都成功移动。
9800-L#show ap upgrade AP upgrade is complete, fallback awaited Fallback type: Fallback only From version: 16.12.2.132 To version: 17.1.1.29 Started at: 04/13/2020 02:32:09 UTC Configured percentage: N/A Percentage complete: 100 End time: 04/13/2020 02:56:09 UTC Progress Report --------------- Iterations ---------- Iteration Start time End time AP count ------------------------------------------------------------------------------------------------ 0 04/13/2020 02:32:09 UTC 04/13/2020 02:32:09 UTC 1 1 04/13/2020 02:32:09 UTC 04/13/2020 02:38:09 UTC 1 2 04/13/2020 02:38:09 UTC 04/13/2020 02:44:09 UTC 1 3 04/13/2020 02:44:09 UTC 04/13/2020 02:47:09 UTC 1 4 04/13/2020 02:47:09 UTC 04/13/2020 02:56:09 UTC 1 Upgraded -------- Number of APs: 5 AP Name Radio MAC Iteration Status Site ---------------------------------------------------------------------------------------------------- AP3800 1880.9021.e0e0 0 Joined default-site-tag 3800-2 1880.9021.e280 1 Joined default-site-tag 9130-1 04eb.409f.9760 2 Joined default-site-tag 4800-1 dc8c.3746.b0e0 3 Joined default-site-tag 3702I-2 fc5b.39f1.c7e0 4 Joined Unknown In Progress ----------- Number of APs: 0 AP Name Radio MAC ------------------------------------------------- Remaining --------- Number of APs: 0 AP Name Radio MAC ------------------------------------------------- APs not handled by Rolling AP Upgrade ------------------------------------- AP Name Radio MAC Status Reason for not handling by Rolling AP Upgrade ----------------------------------------------------------------------------------------------------------------------
在源WLC上,激活映像。对所有提示键入yes。安装完成后,控制器继续重新加载。
9800-40#install activate install_add_activate_commit: Activating PACKAGE Following packages shall be activated: /bootflash/C9800-L-rpboot.17.01.01s.SPA.pkg /bootflash/C9800-L-mono-universalk9_wlc.17.01.01s.SPA.pkg /bootflash/C9800-L-hw-programmables.17.01.01s.SPA.pkg This operation may require a reload of the system. Do you want to proceed? [y/n]y --- Starting Activate --- Performing Activate on all members [1] Activate package(s) on chassis 1 [1] Finished Activate on chassis 1 Checking status of Activate on [1] Activate: Passed on [1] Finished Activate
重新加载后,使用此命令提交映像。
9800-40#install commit
7.如果尚未启用升级后回退选项(如步骤5所述),则在源WLC升级到最新代码后,在目标WLC上使用此命令将AP移回源WLC。
在源WLC上
9800-40#show version | i Version Cisco IOS XE Software, Version 17.01.01s Cisco IOS Software [Amsterdam], C9800 Software (C9800_IOSXE-K9), Version 17.1.1s, RELEASE SOFTWARE (fc4)
在目标WLC上
9800-L#ap image move destination 9800-40 10.106.36.110
此命令将AP移回源WLC,而不使用swap 和reset 命令。
8.所有AP应重新加入源WLC,并且最新映像应处于已提交状态。
9800-40#show install summary
[ Chassis 1/R0 ] Installed Package(s) Information:
State (St): I - Inactive, U - Activated & Uncommitted,
C - Activated & Committed, D - Deactivated & Uncommitted
--------------------------------------------------------------------------------
Type St Filename/Version
--------------------------------------------------------------------------------
IMG C 17.1.1s.0.351
--------------------------------------------------------------------------------
Auto abort timer: inactive
--------------------------------------------------------------------------------
9800-40#show ap summary
Number of APs: 5
AP Name Slots AP Model Ethernet MAC Radio MAC Location Country IP Address State
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
9130-1 2 9130AXI 04eb.409e.2620 04eb.409f.9760 default location IN 10.106.36.145 Registered
AP3800 2 3802I a023.9fae.f48a 1880.9021.e0e0 default location IN 10.106.37.13 Registered
3800-2 2 3802I a023.9fae.f4a4 1880.9021.e280 default location IN 10.106.36.187 Registered
4800-1 3 4800 dc8c.370e.b2da dc8c.3746.b0e0 default location IN 10.106.36.130 Registered
3702I-2 2 3702I fc5b.39d9.f4b4 fc5b.39f1.c7e0 default location IN 10.106.38.219 Registered
验证
- 确保WLC在INSTALL模式下运行。捆绑包模式不支持无中断升级。
9800-40#show version | i mode Installation mode is INSTALL
- 控制器之间的移动隧道应为UP。
9800-40#show wireless mobility summary Mobility Summary Wireless Management VLAN: 36 Wireless Management IP Address: 10.106.36.110 Wireless Management IPv6 Address: Mobility Control Message DSCP Value: 48 Mobility Keepalive Interval/Count: 10/3 Mobility Group Name: default Mobility Multicast Ipv4 address: 0.0.0.0 Mobility Multicast Ipv6 address: :: Mobility MAC Address: d4e8.80b2.dc8b Mobility Domain Identifier: 0x34ac Controllers configured in the Mobility Domain: IP Public Ip MAC Address Group Name Multicast IPv4 Multicast IPv6 Status PMTU --------------------------------------------------------------------------------------------------------------------- 10.106.36.110 N/A d4e8.80b2.dc8b default 0.0.0.0 :: N/A N/A 10.106.36.78 10.106.36.78 d478.9b3c.4ecb default 0.0.0.0 :: Up 1385
- 要监控AP升级,请使用以下命令。
在源WLC上
9800-40#show ap upgrade AP upgrade is in progress Fallback type: Fallback only From version: 16.12.2.132 To version: 17.1.1.29 Started at: 04/12/2020 21:02:09 India Configured percentage: 15 Percentage complete: 80 Expected time of completion: 04/12/2020 22:22:09 India Progress Report --------------- Iterations ---------- Iteration Start time End time AP count ------------------------------------------------------------------------------------------------ 0 04/12/2020 21:02:09 India 04/12/2020 21:02:09 India 1 1 04/12/2020 21:02:09 India 04/12/2020 21:08:09 India 1 2 04/12/2020 21:08:09 India 04/12/2020 21:14:09 India 1 3 04/12/2020 21:14:09 India 04/12/2020 21:17:09 India 1 4 04/12/2020 21:17:09 India ONGOING 1 Upgraded -------- Number of APs: 4 AP Name Radio MAC Iteration Status Site ---------------------------------------------------------------------------------------------------- AP3800 1880.9021.e0e0 0 Joined Member default-site-tag 3800-2 1880.9021.e280 1 Joined Member default-site-tag 9130-1 04eb.409f.9760 2 Joined Member default-site-tag 4800-1 dc8c.3746.b0e0 3 Joined Member default-site-tag In Progress ----------- Number of APs: 1 AP Name Radio MAC ------------------------------------------------- 3702I-2 fc5b.39f1.c7e0 Remaining --------- Number of APs: 0 AP Name Radio MAC ------------------------------------------------- APs not handled by Rolling AP Upgrade ------------------------------------- AP Name Radio MAC Status Reason for not handling by Rolling AP Upgrade ----------------------------------------------------------------------------------------------------------------------
在目标WLC上
9800-L#show ap upgrade AP upgrade is in progress Fallback type: Fallback only From version: 16.12.2.132 To version: 17.1.1.29 Started at: 04/13/2020 02:32:09 UTC Configured percentage: N/A Percentage complete: 80 Expected time of completion: 04/13/2020 03:52:09 UTC Progress Report --------------- Iterations ---------- Iteration Start time End time AP count ------------------------------------------------------------------------------------------------ 0 04/13/2020 02:32:09 UTC 04/13/2020 02:32:09 UTC 1 1 04/13/2020 02:32:09 UTC 04/13/2020 02:38:09 UTC 1 2 04/13/2020 02:38:09 UTC 04/13/2020 02:44:09 UTC 1 3 04/13/2020 02:44:09 UTC 04/13/2020 02:47:09 UTC 1 4 04/13/2020 02:47:09 UTC ONGOING 0 Upgraded -------- Number of APs: 4 AP Name Radio MAC Iteration Status Site ---------------------------------------------------------------------------------------------------- AP3800 1880.9021.e0e0 0 Joined default-site-tag 3800-2 1880.9021.e280 1 Joined default-site-tag 9130-1 04eb.409f.9760 2 Joined default-site-tag 4800-1 dc8c.3746.b0e0 3 Joined default-site-tag In Progress ----------- Number of APs: 1 AP Name Radio MAC ------------------------------------------------- 3702I-2 fc5b.39f1.c7e0 Remaining --------- Number of APs: 0 AP Name Radio MAC ------------------------------------------------- APs not handled by Rolling AP Upgrade ------------------------------------- AP Name Radio MAC Status Reason for not handling by Rolling AP Upgrade ----------------------------------------------------------------------------------------------------------------------
9800-L#show ap upgrade summary Report Name Start time ------------------------------------------------------------------------------------------ AP_upgrade_from_9800-40_13320202329 04/13/2020 02:32:09 UTC 9800-L#show ap upgrade name AP_upgrade_from_9800-40_13320202329 AP upgrade is in progress Fallback type: Fallback only From version: 16.12.2.132 To version: 17.1.1.29 Started at: 04/13/2020 02:32:09 UTC Configured percentage: N/A Percentage complete: 60 Expected time of completion: 04/13/2020 03:52:09 UTC Progress Report --------------- Iterations ---------- Iteration Start time End time AP count ------------------------------------------------------------------------------------------------ 0 04/13/2020 02:32:09 UTC 04/13/2020 02:32:09 UTC 1 1 04/13/2020 02:32:09 UTC 04/13/2020 02:38:09 UTC 1 2 04/13/2020 02:38:09 UTC 04/13/2020 02:44:09 UTC 1 3 04/13/2020 02:44:09 UTC ONGOING 0 Upgraded -------- Number of APs: 3 AP Name Radio MAC Iteration Status Site --------------------------------------------------------------------------------------------------------- AP3800 1880.9021.e0e0 0 Joined default-site-tag 3800-2 1880.9021.e280 1 Joined default-site-tag 9130-1 04eb.409f.9760 2 Joined default-site-tag In Progress ----------- Number of APs: 1 AP Name Radio MAC ------------------------------------------------- 4800-1 dc8c.3746.b0e0 Remaining --------- Number of APs: 0 AP Name Radio MAC ------------------------------------------------- APs not handled by Rolling AP Upgrade ------------------------------------- AP Name Radio MAC Status Reason for not handling by Rolling AP Upgrade ----------------------------------------------------------------------------------------------------------------------
反馈