How to Upgrade Software on Cisco 5508 HA WLC

The process to upgrade a Cisco Wireless Lan Controller is quite straightforward but there are a few things you need to be aware of which can minimise the downtime for your wireless network.

This guide will go through the process to upgrade a pair of 5508 WLC’s configured in HA setup and connected back to back with RP port.

Upgrade Software on Cisco 5508 – Step 1

The first step is to upload the new image to the controller.

This process does nothing to your live network and only uploads the image to the controller.

Download the image from cisco.com and store in a known location on your laptop.

For the purpose of this guide I am using 8.0.121.0 which is the latest stable release.

You will need a TFTP server running, I am using TFTPD32 running locally on my laptop.

Copy the new image into your tftp directory and go to the GUI on your controller.

Navigate to Commands / Download File 

The words a little confusing here as you are technically uploading a file to the controller but in the WLC world you download a file to the controller!?

Change the details to match the below changing the IP address to that of your tftp server.

Click the download button on the far right of the screen.

Once the image has downloaded to the primay and been extracted the controller will upload the file to the standby controller.

The image is then written to Flash

The AP Image bundle is then written to flash

Then again for the standby controller

After a few minutes you should see a successful message

You can now verify this image by using the CLI

SSH to your controller and issue the command show boot
This is before

(Cisco-Wireless-5508) >show boot 
Primary Boot Image............................... 7.6.130.0 (default) (active)
Backup Boot Image................................ 7.6.100.0

This is after the upload

(Cisco-Wireless-5508) >show boot 
Primary Boot Image............................... 8.0.121.0 (default) 
Backup Boot Image................................ 7.6.100.0 (active)

The default image is the one that will be loaded on the next reload.

You now need to Prime the AP’s with the new image.

You don’t have to perform this step, but it will minimise network downtime as the AP’s will not have to download a new image when the controller reboots as they will already have it. 

SSH into the controller and issue the command config ap image predownload primary all

This will push the primary image (8.0.121.0) to all APs – This process may take some time depending on how many AP’s you have

You can monitor the progress with the command show ap image all 

Currently all APs are on the current version

(Cisco-Wireless-5508) >show ap image all
Total number of APs.............................. 21
Number of APs
 Initiated....................................... 0
 Predownloading.................................. 0
 Completed predownloading........................ 0
 Not Supported................................... 0
 Failed to Predownload........................... 0
 Predownload Predownload

AP Name Primary Image Backup Image Status Version 
download
------------------ -------------- -------------- --------------- -----------

WAP-06 7.6.130.0 0.0.0.0 None None 
 
WAP-07 7.6.130.0 0.0.0.0 None None 
 
WAP-09 7.6.130.0 0.0.0.0 None None 
 
WAP-08 7.6.130.0 0.0.0.0 None None 
 
WAP-04 7.6.130.0 0.0.0.0 None None 
 
WAP-10 7.6.130.0 0.0.0.0 None None

Some AP's now have the new image 

WAP-1 7.6.130.0 8.0.121.0 Complete 8.0.121.0 NA NA 
WAP-2 7.6.130.0 0.0.0.0 Predownloading 8.0.121.0 NA NA 
WAP-3 7.6.130.0 8.0.121.0 Complete 8.0.121.0 NA NA 

All the AP’s have now had the new image pushed to them and it is ready to become the active image.

So far during this process the wireless network has been operating normally.

To verify the controller will boot from the primary image issue the command config boot primary

Then verify with the command show boot

(Cisco-Wireless-5508) >show boot 
Primary Boot Image............................... 8.0.121.0 (default) 
Backup Boot Image................................ 7.6.100.0 (active)

This should not have changed since earlier but I like to double check.

All you have to do now is to reload both controllers.

Before doing that just verify that the Redundancy is operational with the command show redundancy summary 

(Cisco-Wireless-5508) >show redundancy summary
Redundancy Mode = SSO ENABLED
Local State = ACTIVE
Peer State = STANDBY HOT
Unit = Secondary – HA SKU (Inherited AP License Count = 50)

You just need to confirm that the Peer is Standby Hot

Now you can reload.

To ensure both controllers reload together use the command reset system in <then enter a time more than 61 seconds>

(Cisco-Wireless-5508) >reset system in ?
 
<HH:MM:SS> Enter the delay duration. Valid range: <00:01:01> to <119:59:59>

For whatever reason the controller will not accept 1:01 so I had to add 2:01

Using this command will reboot both devices.

To minimise downtime even more you can add the reset-aps keyword at the end of the command

reset system in  00:02:01 image primary swap reset-aps 

This will start the AP’s reloading instead of waiting for the controller to come back before realising their image is wrong and then reloading.

You now have to wait for the controllers to restart.

At this point I would start to ping the management address of the controller to see when it comes back online.

For critical environments where you are local to the controllers you can monitor the process on the console.

For a lot of upgrades this process can be performed remotely.

Once the controller has come back and you log into it you should see the new code running.

Go to Wireless / Access Points and make sure all your AP’s are coming back online and are running the correct image.