Cisco Nexus 9000 Software Upgrade NX-OS Tutorial

Nexus 9000 software upgrade using my AirConsole Bluetooth Wireless Console Cable

Each Nexus 9000 switch is shipped with Cisco NX-OS software. The NX-OS software consists of one NXOS image.

The image begins with “nxos” e.g

Software
 BIOS: version 07.59
 NXOS: version 7.0(3)I2(5)
 BIOS compile time: 08/26/2016
 NXOS image file is: bootflash:///nxos.7.0.3.I2.5.bin
 NXOS compile time: 1/13/2017 7:00:00 [01/13/2017 15:42:44]


Hardware
 cisco Nexus9000 C93120TX Chassis 
 Intel(R) Core(TM) i3- CPU @ 2.50GHz with 16401960 kB of memory.

Device name: NEX-9K-1

Only this image is required to load the Cisco NX-OS operating system. This image runs on all Cisco Nexus 9000 Series switches.

This tutorial will cover the upgrade of a 93120TX switch but the process is the same for any switch in the 9000 family

Cisco Nexus 9000 software upgrade procedure

1. Download the image from cisco.com
2. Copy the image to a USB stick or TFTP the image onto the switch (both options will be shown)
3. Initiate the software upgrade process
4. Upgrade complete.

From version 7.0(3)I3(1) you can perform an in-service software upgrade (ISSU), also known as a nondisruptive upgrade. However for this tutorial we will not be covering that. If I am performing a software upgrade on a live network I always like to do it within a maintenance window. This tutorial is being performed on a bench with two new switches right out the box.

Cisco Nexus 9000 software upgrade using TFTP

First step is to download the image from Cisco.com

For the Nexus 9000 software download the latest images  can be found here

Select the specific for your switch and download – (you will require a service contract)

Second step is to connect the management interface (or any L3 interface on your switch) to a network where you can see your TFTP server

In my case I have connected my laptop directly to the management port

Next ensure you have a route to your TFTP server

I will ping my laptop from the Nexus switch – both my laptop and management interface are addressed in the same /24 subnet

NEX-9K-1# ping 10.10.10.100 vrf management 
PING 10.10.10.100 (10.10.10.100): 56 data bytes
64 bytes from 10.10.10.100: icmp_seq=1 ttl=127 time=0.697 ms
64 bytes from 10.10.10.100: icmp_seq=1 ttl=127 time=0.697 ms
64 bytes from 10.10.10.100: icmp_seq=1 ttl=127 time=0.697 ms
--- 10.10.10.100 ping statistics ---
5 packets transmitted, 4 packets received, 20.00% packet loss

Great so I can see my laptop from the switch, next step is to copy the image

Third step is to copy the image onto the switch so I need to start my TFTP server on my laptop, I am using TFTPD64 

Verify you have enough space on the drive (for a new 9000 switch out the box you will have, but if this switch has been in production for a while there may be other redundant images on there.)

NEX-9K-1# dir bootflash:
 4096 Jul 21 04:59:39 2017 .rpmstore/
 6175 Jul 21 05:08:30 2017 20170721_050830_poap_8529_init.log
 6408 Feb 05 11:10:34 2018 20180205_110650_poap_8266_init.log
 4096 Jul 21 05:01:03 2017 home/
 336 Jul 21 05:02:22 2017 license_FDO21252F67_20.lic
 16384 Jul 21 04:59:34 2017 lost+found/
 555603456 Jul 21 05:01:00 2017 nxos.7.0.3.I2.5.bin
 4096 Jul 21 05:05:43 2017 scripts/
 4096 Jul 21 05:05:18 2017 virtual-instance/

Usage for bootflash://sup-local
 806494208 bytes used
51098030080 bytes free
51904524288 bytes total

You can see at the bottom I have 51098030080 bytes free on this switch – which is 50Gb which is plenty, the image I am upgrading to is 670Mb 

To copy the image to the switch ensure your image is in your TFTP directory and start your TFTPD server and issue the following commands on the switch

NEX-9K-1# copy tftp: bootflash: 
Enter source filename: nxos.7.0.3.I4.7.bin
Enter vrf (If no input, current vrf 'default' is considered): management
Enter hostname for the tftp server: 10.10.10.100
Trying to connect to tftp server......
Connection to Server Established.
Connection to Server Established.
[##################..................233Mb]

This process will take a few minutes as the image is copied to the switch

Next step is to install the image – Skip to Performing the Software Upgrade

Cisco Nexus 9000 USB software upgrade

The other more convenient option is to use a USB stick and copy the software to the stick, insert the stick into the Nexus 9000 switch and initiate the copy from USB to Bootflash as below:

Once you insert your USB stick into the USB port on the front of the switch, you should see a message something like this

NEX-9K-2# 2018 Feb 5 13:30:39 NEX-9K-2%$ VDC-1 %$ %USER-2-SYSTEM_MSG: <<%USBHSD-2-USB_SWAP>> USB insertion or removal detected - usbhsd
2018 Feb 5 13:30:39 NEX-9K-2 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: <<%USBHSD-2-MOUNT>> USB2: online - usbhsd

In this case the device has been assigned USB2: so this is the device we need to copy from

NEX-9K-2# copy usb2: bootflash:
Enter source filename: nxos.7.0.3.I4.7.bin
Copy progress 100% 702663KB
Copy complete, now saving to disk (please wait)...
NEX-9K-2#

This process is lot quicker, this copy took less than 20 seconds

Now you have the image on the switch we need to verify it’s there

NEX-9K-2# dir bootflash:
 4096 Jul 21 05:37:55 2017 .rpmstore/
 6324 Feb 05 10:39:14 2018 20180205_103907_poap_8257_init.log
 4096 Jul 21 05:39:21 2017 home/
 336 Jul 21 05:41:38 2017 license_FDO21252F7A_21.lic
 16384 Jul 21 05:37:50 2017 lost+found/
 555603456 Jul 21 05:39:16 2017 nxos.7.0.3.I2.5.bin
 702663680 Feb 05 12:29:50 2018 nxos.7.0.3.I4.7.bin
 4096 Jul 21 05:45:02 2017 scripts/
 4096 Jul 21 05:44:37 2017 virtual-instance/

Performing the software upgrade

At this point it is recommended to perform an impact test on the software install, this is a series of test scripts that the switch will run through to check the impact of installing this software image

It is not a requirement for the software upgrade but just a good sense check to make sure all is ok.

NEX-9K-2# show install all impact nxos nxos.7.0.3.I4.7.bin
Installer will perform impact only check. Please wait. 
Installer is forced disruptive

Verifying image bootflash:/nxos.7.0.3.I4.7.bin for boot variable "nxos".
[####################] 100% -- SUCCESS

Verifying image type.
[####################] 100% -- SUCCESS

Preparing "nxos" version info using image bootflash:/nxos.7.0.3.I4.7.bin.
[####################] 100% -- SUCCESS

Preparing "bios" version info using image bootflash:/nxos.7.0.3.I4.7.bin.
[####################] 100% -- SUCCESS12MBHW 200.68MB

Performing module support checks.
[####################] 100% -- SUCCESS

Notifying services about system upgrade.
[####################] 100% -- SUCCESS

Compatibility check is done:
Module bootable Impact Install-type Reason
------ -------- -------------- ------------ ------
 1 yes disruptive reset Incompatible image for ISSU

Images will be upgraded according to following table:
Module Image Running-Version(pri:alt) New-Version Upg-Required
------ ---------- ---------------------------------------- -------------------- ------------
 1 nxos 7.0(3)I2(5) 7.0(3)I4(7) yes
 1 bios v07.59(08/26/2016):v07.59(08/26/2016) v07.51(02/15/2016) no

All tests have passed with SUCCESS so let’s perform the upgrade – this will perform the same checks but at the end actually perform the install.

Issue the command install all nxos bootflash:nxos.7.0.3.I4.7.bin

NEX-9K-1# install all nxos bootflash:nxos.7.0.3.I4.7.bin
Installer will perform compatibility check first. Please wait. 
Installer is forced disruptive

Verifying image bootflash:/nxos.7.0.3.I4.7.bin for boot variable "nxos".
[####################] 100% -- SUCCESS

Verifying image type.
[####################] 100% -- SUCCESS

Preparing "nxos" version info using image bootflash:/nxos.7.0.3.I4.7.bin.
[####################] 100% -- SUCCESS

Preparing "bios" version info using image bootflash:/nxos.7.0.3.I4.7.bin.
[####################] 100% -- SUCCESS

Performing module support checks.
[####################] 100% -- SUCCESS

Notifying services about system upgrade.
[####################] 100% -- SUCCESS

Compatibility check is done:
Module bootable Impact Install-type Reason
------ -------- -------------- ------------ ------
 1 yes disruptive reset Incompatible image for ISSU

Images will be upgraded according to following table:
Module Image Running-Version(pri:alt) New-Version Upg-Required
------ ---------- ---------------------------------------- -------------------- ------------
 1 nxos 7.0(3)I2(5) 7.0(3)I4(7) yes
 1 bios v07.59(08/26/2016):v07.59(08/26/2016) v07.51(02/15/2016) no


Switch will be reloaded for disruptive upgrade.
Do you want to continue with the installation (y/n)? [n]

Select Y to progress with the install

Install is in progress, please wait.

Performing runtime checks.
[####################] 100% -- SUCCESS

Setting boot variables.
[####################] 100% -- SUCCESS

Performing configuration copy.
[####################] 100% -- SUCCESS

Module 1: Refreshing compact flash and upgrading bios/loader/bootrom.
Warning: please do not remove or power off the module at this time.
[####################] 100% -- SUCCESS


Finishing the upgrade, switch will reboot in 10 seconds.
NEX-9K-2# [ 722.735442] [1517836762] writing reset reason 88, 
2018 Feb 5 13:19:22 NEX-9K-1 %$ VDC-1 %$ Feb 5 13:19:22 %KERN-0-SYSTEM_MSG: [ 722.735442] [1517836762] writing reset reason 88, - kernel
[ ü
CISCO SWITCH Ver7.59
Device detected on 0:6:0 after 0 msecs 

The switch will now reload and when it’s back online, we just need to verify it is running the new image, during the reboot you can see if it is booting the new image

Trying to read config file /boot/grub/menu.lst.local from (hd1,4) 
 Filesystem type is ext2fs, partition type 0x83

Booting bootflash:/nxos.7.0.3.I4.7.bin ...
Booting bootflash:/nxos.7.0.3.I4.7.bin  { Yes it is..!}
Trying diskboot 
 Filesystem type is ext2fs, partition type 0x83
Image valid

Image Signature verification was Successful.

Final verification is to log into the switch and issue the show version command

NEX-9K-2# sh ver 
Cisco Nexus Operating System (NX-OS) Software

Software
 BIOS: version 07.59
 NXOS: version 7.0(3)I4(7)

The upgrade is complete –

Please note this upgrade was performed on a device not in a production network,  during staging.
Before proceeding with any upgrades on your live network, ensure you understand the full impact of rebooting any switch.