53-1003240-01 27 June 2014 Fabric OS Upgrade Guide Supporting Fabric OS v7.3.
© 2014, Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, Brocade Assurance, ADX, AnyIO, DCX, Fabric OS, FastIron, HyperEdge, ICX, MLX, MyBrocade, NetIron, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and The Effortless Network and the On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and in other countries. Other brands and product names mentioned may be trademarks of others.
Contents Preface..................................................................................................................................... 3 Document conventions......................................................................................3 Text formatting conventions.................................................................. 3 Command syntax conventions.............................................................. 3 Notes, cautions, and warnings....................................
Configuring a switch for signed firmware.......................................... 23 Power-on firmware checksum test.................................................... 24 Testing and Restoring Firmware.............................................................................................25 Testing and restoring firmware on switches..................................................25 Testing a different firmware version on a switch...............................
Preface ● Document conventions......................................................................................................3 ● Brocade resources............................................................................................................ 5 ● Contacting Brocade Technical Support.............................................................................5 ● Document feedback..........................................................................................................
Notes, cautions, and warnings Convention Description value In Fibre Channel products, a fixed value provided as input to a command option is printed in plain text, for example, --show WWN. [] Syntax components displayed within square brackets are optional. Default responses to system prompts are enclosed in square brackets. {x|y|z} A choice of required parameters is enclosed in curly brackets separated by vertical bars. You must select one of the options.
Brocade resources Brocade resources Visit the Brocade website to locate related documentation for your product and additional Brocade resources. You can download additional publications supporting your product at www.brocade.com. Select the Brocade Products tab to locate your product, then click the Brocade product name or image to open the individual product page. The user manuals are available in the resources module at the bottom of the page under the Documentation category.
Document feedback • • • • OEM/Solution Providers are trained and certified by Brocade to support Brocade® products. Brocade provides backline support for issues that cannot be resolved by the OEM/Solution Provider. Brocade Supplemental Support augments your existing OEM support contract, providing direct access to Brocade expertise. For more information, contact Brocade or your OEM. For questions regarding service levels and response times, contact your OEM/Solution Provider.
About This Document ● Supported hardware and software.................................................................................... 7 ● What’s new in this document............................................................................................ 8 Supported hardware and software In those instances in which procedures or parts of procedures documented here apply to some switches but not to others, this list identifies exactly which switches are supported and which are not.
What’s new in this document TABLE 2 Brocade DCX Backbone family Gen 4 platform (8-Gpbs) Gen 5 platform (16-Gbps) Brocade DCX Brocade DCX 8510-4 Brocade DCX-4S Brocade DCX 8510-8 TABLE 3 Brocade Blades Gen 4 platform (8-Gpbs) Gen 5 platform (16-Gbps) Brocade FC8-16 Brocade FC8-32E Brocade FC8-32 Brocade FC8-48E Brocade FC8-48 Brocade FC16-32 Brocade FC8-64 Brocade FC16-48 Brocade FCoE10-24 (on Brocade DCX and DCX-4S) Brocade FC16-64 (on Brocade DCX 8510 series) Brocade FCoE10-24 (on Brocade
Installing and Maintaining Firmware ● Firmware download process overview.............................................................................. 9 ● Upgrading and downgrading firmware............................................................................ 10 ● Passwordless firmware download...................................................................................10 ● Considerations for FICON CUP environments................................................................
Upgrading and downgrading firmware (which is nondisruptive) the system. After the system boots up, the new firmware is activated. The firmware download process then copies the new image from the primary partition to the secondary partition. In dual-CP systems, the firmware download process, by default, sequentially upgrades the firmware image on both CPs using HA failover to prevent disruption to traffic flowing through the Backbone. This operation depends on the HA status on the Backbone.
Considerations for FICON CUP environments then you must export the public key to the remote host. Before running the firmwareDownload command, you must first configure the SSH protocol to permit passwordless logins for outgoing authentication as described in Configuring outgoing SSH authentication. Considerations for FICON CUP environments To prevent channel errors during nondisruptive firmware installation, the switch CUP port must be taken offline from all host systems.
Displaying the HA redundancy status TABLE 4 Backbone HA sync states (Continued) Active CP Fabric OS version Standby CP Fabric OS version HA sync state Remedy v7.2.0 v7.2.0 InSync N/A v7.2.0 v7.3.0 InSync N/A v7.3.0 v7.1.0 Not inSync Run firmwareDownload -s on the standby CP to upgrade it to v7.3.0 v7.3.0 v7.2.0 InSync N/A v7.3.0 v7.3.0 InSync N/A Displaying the HA redundancy status To display the switch uptime and CP blades redundancy settings, use the haRedundancy --show command.
Enabling automatic firmware synchronization from active CP to the standby CP Enabling automatic firmware synchronization from active CP to the standby CP Starting with Fabric OS 7.3.0, you can enable automatic firmware synchronization from the active CP blade to the standby CP blade if the following requirements are met. • • • • • The standby CP must be hot-plugged. The firmware version in the active CP should be higher than the firmware version in the standby CP.
Manually synchronizing the firmware from the active CP to the standby CP 14 Fabric OS Upgrade Guide 53-1003240-01
Preparing for a Firmware Download ● Prerequisites................................................................................................................... 15 ● Obtaining and decompressing firmware..........................................................................15 ● Connected switches........................................................................................................ 16 ● Finding the switch firmware version................................................................
Connected switches a directory called v7.3.0. When you issue the firmwareDownload command, there is an automatic search for the correct package file type associated with the switch. Specify only the path up to and including the v7.3.0 directory. Connected switches Before you upgrade the firmware on your switch, you must check the connected switches to ensure compatibility and that any older versions are supported.
Firmware Download Scenarios ● Firmware download on switches..................................................................................... 17 ● Firmware download on a Backbone................................................................................19 ● Firmware download from a USB device..........................................................................21 ● FIPS support...................................................................................................................
Upgrading firmware for Brocade fixed-port switches CAUTION After you start the process, do not enter any disruptive commands (such as reboot) that interrupt the process. The entire firmware download and commit process takes approximately 17 minutes. If there is a problem, wait for the timeout (30 minutes for network problems) before issuing the firmwareDownload command again. Disrupting the process can render the switch inoperable and require you to seek help from your switch service provider.
Firmware download on a Backbone Firmware download on a Backbone ATTENTION To successfully download firmware, you must have an active Ethernet connection on each CP. You can download firmware to a Backbone without disrupting the overall fabric if the two CP blades are installed and fully synchronized. Use the haShow command to verify that the CPs are synchronized prior to beginning the firmware download process.
Firmware Download Scenarios NOTE By default, the firmwareDownload command automatically upgrades both the active and the standby CPs and all co-CPs on the CP blades in the Brocade Backbones. It automatically upgrades all AP blades in the Brocade Backbones using autoleveling. 1. Verify that the Ethernet interfaces located on CP0 and CP1 are plugged into your network. 2. Verify that the FTP, SFTP, or SSH server is running on the host server and that you have a user ID on that server. 3.
Firmware download from a USB device Network Protocol (1-auto-select, 2-FTP, 3-SCP, 4-SFTP)) [1]: Password: Checking version compatibility... Version compatibility check passed. The following AP blades are installed in the system. Slot Name Versions Traffic Disrupted ----------------------------------------------------------------2 FS8-18 v7.3.0 Encrypted Traffic 8 FX8-24 v7.3.0 GigE This command will upgrade the firmware on both CPs and all AP blade(s) above.
Enabling the USB device Enabling the USB device 1. Log in to the switch using an account assigned to the admin role. 2. Enter the usbStorage -e command. Viewing the USB file system 1. Log in to the switch using an account assigned to the admin role. 2. Enter the usbStorage -l command. BrcdDCXBB:admin> usbstorage -l firmware\ 381MB 2013 v7.3.0\ 381MB 2013 config\ 0B 2013 support\ 0B 2013 firmwarekey\ 0B 2013 Available space on usbstorage 79% Jul Jul Jul Jul Jul 22 22 22 22 22 15:33 10:39 15:33 15:
Updating the firmware key The public key file on the switch contains only one public key. It is only able to validate firmware signed using one corresponding private key. If the private key changes in future releases, you need to change the public key on the switch by one of the following methods: • • By using the firmwareDownload command. When a new firmware is downloaded, firmware download always replaces the public key file on the switch with what is in the new firmware.
Power-on firmware checksum test cfgload attributes SelectYes. The following questions are displayed: Enforce secure config Upload/Download: Select yes . Enforce signed firmware download: Select yes. Webtools attributes Press Enter to select default setting; default is no. System Press Enter to select default setting; default is no. Power-on firmware checksum test FIPS requires the checksums of the executables and libraries on the filesystem to be validated before Fabric OS modules are launched.
Testing and Restoring Firmware ● Testing and restoring firmware on switches....................................................................25 ● Testing and restoring firmware on Backbones................................................................26 ● Validating a firmware download......................................................................................
Testing and restoring firmware on Backbones ATTENTION Downloading firmware to a switch can be disruptive to switch traffic. 7. Connect to the switch, log in as admin, and enter the firmwareShow command to confirm that the primary partition of the switch contains the new firmware. You are now ready to evaluate the new version of firmware.
Testing different firmware versions on Backbones NOTE Brocade recommends that, under normal operating conditions, you maintain the same firmware version on both CPs, and on both partitions of each CP. This organization enables you to evaluate firmware before you commit. As a standard practice, do not run mixed firmware levels on CPs. Testing different firmware versions on Backbones 1. Connect to the Brocade Backbone IP address. 2. Enter the ipAddrShow command and note the address of CP0 and CP1. 3.
Testing and Restoring Firmware c) d) At this point the firmware downloads to the standby CP only and reboots it. The current Backbone session is disconnected. Wait one minute for the standby CP to reboot, and then connect to the Backbone and log in as admin. Enter the firmwareShow command to confirm that both primary partitions have the test drive firmware in place. You are now ready to evaluate the new version of firmware.
Validating a firmware download If an AP blade is present : Blade partitions always contain the same version of the firmware on both partitions. The firmware is stored on the blade’s compact flash card and is always synchronized with the active CP’s firmware. Thus, if you restore the active CP firmware, the blade firmware is automatically downloaded (autoleveled) to become consistent with the new CP firmware (the blade firmware is restored).
Validating a firmware download 30 Fabric OS Upgrade Guide 53-1003240-01
Index configUpload command 15 configure command 23 errClear command 15 C command configUpload 15 configure 23 errClear 15 fabricShow command described 29 firmwareCommit command 19, 25–27 firmwareDownload command 9–11, 15, 17–19, 21, 22, 25 firmwareDownloadStatus command 17, 29 firmwareKeyUpdate command 22, 23 firmwareRestore command 25, 26 fabricShow described 29 firmwareCommit
Backbone 19 Backbone download process overview 19 Backbone version testing 26 downgrading 10 downloading without a password 10 download process 9 finding version 16 for switches 17, 18 obtaining and decompressing 15 power-on checksum test for FIPS 24 signed 23 switch version testing 25 upgrading 10 upgrading for Brocade fixed-port switches 18 upgrading on Backbones 19 upgrading on blades 19 configuring for signed firmware 23 firmware download 17 firmware version, finding 16 firmware version testing 25 swit