UFM-SDN Appliance Common Use Cases
Box configuration (e.g. interfaces' IP addresses, users, AAA, etc…) should be backed up and restored separately via CLI. For further information, please refer to the UFM®-SDN Command Reference Guide, section System Management.
The following are different UFM data restoration scenarios:
Software Version |
Backed Up Data Version |
Action Required |
1.6 |
1.6 |
Restore the backed up data |
1.5 |
1.6 |
|
1.6 |
1.5 |
Contact NVIDIA Mellanox Support |
Restoring Data on Standalone Configuration
Stop the UFM server.
ufm-appliance > enable ufm-appliance # configure terminal ufm-appliance [ mgmt-sa ] (config) # no ufm start
Restore the backed up UFM data.
ufm-appliance [ mgmt-sa ] (config) # ufm configuration import <zip-file> ufm-appliance [ mgmt-sa ] (config) # ufm database import <zip-file>
Start the UFM server.
Restoring Data on High Availability Configuration
To restore the data on the High Availability configuration when only the Standby machine has been replaced:
Stop the UFM server.
ufm-appliance [ mgmt-ha-active ] > enable ufm-appliance [ mgmt-ha-active ] # configure terminal ufm-appliance [ mgmt-ha-active ] (config) # no ufm start
Re-configure both Appliances to run in HA configuration. This command is performed on the Active machine.
ufm-appliance [ mgmt-ha-active ] (config) # ufm ha configure <peer-IP> <virtual-IP> [interface]
As a result, the UFM data is synchronized by the DRBD.
Start the UFM server.
To restore the data on the High Availability configuration when both the Standby and the Active machine have been replaced:
Restore the backed up UFM data on one of the machines.
ufm-appliance [ mgmt-sa ] (config) # ufm configuration import <zip-file> ufm-appliance [ mgmt-sa ] (config) # ufm database import <zip-file>
Re-configure both Appliances to run in HA configuration. This command is performed on the Active machine.
ufm-appliance [ mgmt-sa ] (config) # ufm ha configure <peer-IP> <virtual-IP> [interface]
As a result, the UFM data is synchronized on the Standby machine by the DRBD.
Start the UFM server.
The following process backs up the UFM database, and not the Monitoring History database.
To back up the UFM database:
Export the database to a "zip" file.
ufm-appliance > enable ufm-appliance # configure terminal ufm-appliance [ mgmt-sa ] (config) # ufm database export
Upload the file to either a USB storage device or an ftp/scp server.
ufm-appliance [ mgmt-sa ] (config) # ufm database upload ufm-database-180857.zip scp://mlnx:123456@172.30.3.201/tmp
Export the configuration to a "zip" file.
ufm-appliance > enable ufm-appliance # configure terminal ufm-appliance [ mgmt-sa ] (config) # ufm configuration export
Upload the file to either a USB storage device or an ftp/scp server.
ufm-appliance [ mgmt-sa ] (config) # ufm configuration upload ufm-config-20121128-180857.zip scp://mlnx:123456@172.30.3.201/tmp
Generate a debug dump file.
ufm-appliance > enable ufm-appliance # configure terminal ufm-appliance [ mgmt-sa ] (config) # debug generate dump
Upload the file to either a USB storage device or an ftp/scp server.
ufm-appliance [ mgmt-sa ] (config) # file debug-dump upload sysdump-ufm-appliance-8990b8-20120710-102624.tgz ftp://admin@172.30.3.36/home/admin
UFM®-SDN Appliance supports local and centrally managed users (Using LDAP, RADIUS, TACACS).
UFM®-SDN Appliance has predefined users. For the complete list of users and their roles, please refer to the UFM®-SDN Command Reference Guide, section User Roles (Capabilities).
Creating Local User
Log into the CLI as admin and use the selected password.
Create the users with a specific capability (role).
ufm-appliance > enable ufm-appliance # configure terminal ufm-appliance [ mgmt-sa ] (config) # username <username> capability <capability>
Set the user’s password.
ufm-appliance [ mgmt-sa ] (config) # username <username> password <password>
Linking Users to LDAP Server
Create a group for UFM®-SDN Appliance users on the ActiveDirectory server.
Assign users to the group.
[Optional] Add the attribute "localUserName" to the user schema for correlating it to a local username on the UFM®-SDN Appliance (If this attribute is not added, all users will be correlated with the default user – "admin").
Add LDAP as the authentication method.
ufm-appliance [ mgmt-sa ] (config) # aaa authentication login default local ldap
Configure the LDAP server.
ufm-appliance [ mgmt-sa ] (config) # ldap base-dn <string> ufm-appliance [ mgmt-sa ] (config) # ldap bind-dn <string> ufm-appliance [ mgmt-sa ] (config) # ldap bind-password <string> ufm-appliance [ mgmt-sa ] (config) # ldap host <IP Address>
For further information please refer to section "User Management and AAA" of the UFM®-SDN Command Reference Guide.
When logging into the CLI, and a similar upgrade notification as the below is displayed, you need to update your firmware version.
$ ssh admin@172.30.30.17
Password:
Last login: Sun Feb 24 17:27:59 2013 from 172.30.3.201
Mellanox UFM Appliance
UFM is configured as standalone.
UFM mode: Management.
HCA Firmware: 2.10.600 (Requires update)
To update the HCA firmware version:
Install the updated HCA firmware supplied in the software image.
ufm-appliance [ mgmt-sa ] (config) # firmware install
Reboot the system.
Verify the firmware was updated correctly.
ufm-appliance [ mgmt-sa ] (config) # show firmware Installed firmware version: 2.11.500 Running firmware version: 2.11.500 Image available for installation: 2.11.500
Generate debug dump from both UFM Appliances.
ufm-appliance [ mgmt-sa ] (config) # debug generate dump ufm-appliance [ mgmt-sa ] (config) # file debug-dump upload sysdump-ufm-appliance-8990b8-20120710-102624.tgz ftp://admin@172.30.3.36/home/admin
Investigate the root cause of the issue.
If the root cause related to the UFM License of UFM Configuration you need to perform the following steps:Look into the debug dump file to recognize the initial primary server (ufm-sysdump-<datetime>.tar.gz ./ufm_sys_conf/haresources).
ufm-appliance-8a447a hb_track_start check_sm 172.30.46.100/16/eth0/172.30.255.255 drbddisk::ufmdb Filesystem::/dev/drbd0::/opt/ufm/files::ext3 ufmd::hamode fix_arp hb_track_end
Disable the UFM High Availability configuration on both appliances.
ufm-appliance [ mgmt-sa ] (config) # no ufm ha
Update the UFM configuration or install the UFM License on the Primary Appliance.
Configure HA on the Primary Appliance.
ufm-appliance [ mgmt-sa ] (config) # ufm ha configure <peer IP> <virtual IP> [interface]
Wait until the mode is changed to "active" on the Primary Appliance and "standby" on the Secondary Appliance.
Verify the DRBD synchronization is completed.
ufm-appliance [ mgmt-sa ] (config) # show ufm status
Start UFM on the Primary Appliance.
ufm-appliance [ mgmt-sa ] (config) # ufm start