Cisco Portugal Blog

Maintaining Data Center Operations during the Pandemic

April 13, 2021

During the past few months, companies have reduced their efforts in IT operations. This has affected Data Center procedures such as upgrades, patches and projects, since a large number of operations require physical access to facilities. However, even during turbulent times, engineers continue to work to ensure the integrity of devices and monitoring, and must be prepared to overcome an equipment failure without gaining physical access to the Data Center.

Below I’ll be sharing some tips that can help Data Center engineers keep different platforms working when physical access to the premises is reduced or unavailable (click on each highlighted link for more information).


Automate Nexus deployment through POAP: POAP (Power-On Auto Provisioning) can execute Python scripts as part of its workflow. The switch obtains a temporary IP address via DHCP and bootstraps itself with its interface IP address, gateway and DNS. The device then runs the configuration script, which downloads and installs the software image and downloads a switch-specific configuration file.
Platforms: Nexus 7000 and Nexus 9000

Automate Nexus 9000 by using iPXE: Like POAP, the PXE (Preboot Execution Environment) process starts by assigning a temporary IP address to the switch via the DHCP protocol. Additional DHCP scope options are also provided to facilitate the configuration script download. The Open NX-OS switch, acting as the DHCP client, will download the configuration script and execute it.


Recovering and Troubleshooting

Gain remote console access by using a Terminal Server and reverse telnet: The terminal server is a router with multiple asynchronous ports, which are connected to other devices, such as the console port of routers or switches. With Reverse Telnet, access goes through the router's console lines instead of in-band through the network. This is useful for operations that require a reboot, during which in-band access is lost. Engineers have console connectivity without needing to enter the Data Center and plug in a console cable and a laptop.
Platforms: Different routers, switches, and servers.

Connect to the server’s CIMC: Ensure that you have the CIMC (Cisco Integrated Management Controller) properly configured by testing the access to your UCS (rack-mount) servers and APIC controllers. Make sure that your security rules in the out-of-band network allow the traffic through the following ports:

  • IPMI – By default, UDP port 623
  • SoL – By default, TCP port 22
  • KVM – By default, TCP port 2068

Platforms: UCS and ACI APIC
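A reachability check for the three default ports listed above, run from a host in the out-of-band network. This is an added example, not Cisco code; it assumes IPMI over LAN is enabled on the CIMC and that it answers the RMCP/ASF Presence Ping defined for IPMI, and the script name `check_cimc.py` is hypothetical.

```python
import socket
import sys

# Default CIMC management ports as listed above.
TCP_PORTS = {"SoL": 22, "KVM": 2068}
IPMI_UDP_PORT = 623

RMCP_HEADER = bytes([0x06, 0x00, 0xFF, 0x06])  # version, reserved, no-ack seq, ASF class
ASF_IANA = (4542).to_bytes(4, "big")           # ASF enterprise number
ASF_PING, ASF_PONG = 0x80, 0x40                # ASF message types


def build_asf_ping(tag: int) -> bytes:
    """RMCP/ASF Presence Ping: an unauthenticated 'are you there' datagram."""
    return RMCP_HEADER + ASF_IANA + bytes([ASF_PING, tag & 0xFF, 0x00, 0x00])


def is_asf_pong(data: bytes, tag: int) -> bool:
    """True if data is a Presence Pong that echoes the tag of our ping."""
    return (len(data) >= 12 and data[0] == 0x06 and data[3] == 0x06
            and data[4:8] == ASF_IANA and data[8] == ASF_PONG
            and data[9] == tag & 0xFF)


def tcp_open(host, port, timeout=2.0):
    """True if a TCP handshake to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def ipmi_answers(host, port=IPMI_UDP_PORT, timeout=2.0, tag=0x2A):
    """Send one Presence Ping and wait for the matching Pong."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_asf_ping(tag), (host, port))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout or ICMP unreachable
            return False
    return is_asf_pong(data, tag)


def check_cimc(host):
    """Map each service label to True (reachable) or False."""
    results = {f"{n} tcp/{p}": tcp_open(host, p) for n, p in TCP_PORTS.items()}
    results[f"IPMI udp/{IPMI_UDP_PORT}"] = ipmi_answers(host)
    return results


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_cimc.py <cimc-address>")
    for name, ok in check_cimc(sys.argv[1]).items():
        print(f"{'OK  ' if ok else 'FAIL'} {name}")
```

A FAIL on UDP 623 can mean either a blocking rule or IPMI over LAN being disabled on the controller, so confirm the CIMC setting before changing firewall rules.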

Issues on the out-of-band network? Gain access to the server CIMC via in-band: From UCS version 2.2 onward, network engineers can also access the CIMC via an in-band address. Traffic to and from the in-band address traverses the fabric interconnect via the fabric uplink port. You can deploy a new IP address in a service profile for situations in which you are not able to reach the CIMC from the out-of-band network.
Platform: UCS Managed servers (UCS-C and UCS-B)

You can also reach the KVM through the IP network by using KVM Direct Access: Starting from UCS Manager Release 4.0, administrators can also take advantage of a new feature that introduces a direct console for their Blade and Rack-mount servers (M5 servers) by using the in-band or out-of-band (IPv4 and IPv6) network. When Cisco UCS KVM Direct is launched, the console for the server is displayed the same way it would be if they had accessed the server from the Cisco UCS Manager GUI.
Platform: UCS Managed servers (UCS-C and UCS-B)


High Availability and Redundancy

Increase the availability of the services with the best High Availability plan.
Platform: Useful in several Nexus platforms

It is also important to have an understanding of Nexus Management Interfaces.
Platform: Useful in several Nexus platforms


Upgrade (ACI)

Be prepared for the fabric upgrade by following the ACI upgrade checklist: This checklist gives you all the references and details that you must consider when planning, performing and troubleshooting the upgrade of the ACI fabric.

Don’t forget to upgrade the APIC CIMC and other firmware of your ACI Fabric: Whenever you are planning the ACI upgrade, don’t forget to match the CIMC firmware version with the APIC target release. Consult the release notes of the ACI software version and check the supported CIMC versions under “Miscellaneous Compatibility Information”. For instance, ACI 5.1(3) supports the following firmware.


If you have asked yourself “what about Intersight?” – stay tuned for the upcoming articles on Blog Cisco Portugal and feel free to leave any questions that you might have below.