There are certain times when CIMC access to your APIC is absolutely critical, for example, when you are troubleshooting a problem, upgrading your APICs, or performing a factory reset. During these times, you can access your APIC via CIMC by using the KVM console, which requires Java (or HTTP with CIMC 3.0), or by enabling Serial-over-Lan (SOL) support on your CIMC and using an SSH client.
Why should I upgrade the CIMC?
- Upgrading your APIC – For ACI Fabric upgrades, there are CIMC version requirements attached to those upgrades. In general CIMC versions are supported for quite a while across ACI Fabric upgrades, meaning you do not have to upgrade the CIMC on your APICs for every ACI Fabric upgrade, but you’ll want to check the release notes to ensure you are running at least a supported version.
- Get rid of Java – For anyone that has used Java to access the KVM console, you’ve all experienced some level of frustration with incorrect versions of Java, or security mechanisms blocking access, usually during the most critical times. If you don’t want to be stuck with the Java-based version of the KVM, you’ll need to perform an upgrade of your CIMC to at least 3.0(1) < Please note, do NOT use 3.0(1) for your APIC CIMCs; use the recommended versions in the release notes for your version of APIC Code; not every version of CIMC code is supported for APICs.
Which CIMC version should I use for my APIC?
Check out either the Recommended Cisco APIC and Cisco Nexus 9000 Series ACI-Mode Switches Releases guide, or find the Miscellaneous Compatibility Information Section in the Release notes for your intended version of ACI Code.
Notice in the example below for APIC 3.2(3i), there are several support CIMC code versions, and a recommended section as well. When you decide to upgrade your CIMC, MAKE SURE AND RUN ONLY SUPPORTED/RECOMMENDED VERSIONS OF CODE! If you run a different version of code, you could disable key functionality for your APICs!
An example of supported CIMC code from the Miscellaneous Compatibility Information section of the Release Notes for APIC 3.2(3i)
Upgrading the CIMC
Before you get started on upgrading your CIMC, a few things to remember:
- Make sure you have backed up your ACI Fabric Configuration prior to performing any changes or upgrades.
- Only upgrade one APIC/CIMC at a time! Do not attempt to upgrade all APIC/CIMCs at the same time.
- For best results, it is recommended to decommission your APIC from your APIC cluster prior to upgrading the CIMC. Once the upgrade is complete, you can re-commission your APIC back into the APIC Cluster.
- The CIMC Upgrade process will take between 45-90 minutes depending on your network connectivity from your computer to the APIC/CIMC.
Now, let’s upgrade your CIMC! The following high-level steps are required in order to upgrade your CIMC:
- Determine the model of your UCS-C220 server that houses the APIC (this will be important to know when you select your CIMC software)
- Download the HUU (Host Upgrade Utility) Software for your CIMC from CCO for your specific C220 server
- Access the KVM from the CIMC
- Activate and Map the HUU ISO to your CIMC KVM-DVD
- Reboot your server from the KVM
- Enter the Boot Menu and re-direct the server to boot from KVM-DVD
- Use the HUU to update all components of your Server
- Verify the installation of the CIMC Software
1 – Determine the model of your UCS-C220
In order to determine which model of UCS-C220 that you have, you’ll first need to determine which model of APIC you have. To determine your APIC model, login to the CIMC and find the PID for your APIC Server, located on the Server > Summary Tab (This should be the main page you encounter on logging into your CIMC).
- APIC-SERVER S1/M1/L1 = UCS-C220 M3
- APIC-SERVER S2/M2/L2 = UCS-C220 M4
2 – Download the HUU (Host Upgrade Utility) Software for your CIMC from CCO
Based on which UCS-C220 server you have (i.e., M3 or M4), you will login to CCO and download the appropriate HUU (Host Upgrade Utility Image) for your Server. Go to https://software.cisco.com/download, and search for “C220”.
3 – Access the KVM from the CIMC
Note – This CIMC screen is based on 2.0(9c)
From the Server > Summary page, click on the “Launch KVM Console” button. This will launch a Java-based KVM Console for your APIC. If you run into problems with Java, please consult the Release Notes for your specific version of CIMC Code.
4 – Activate and map the HUU ISO to your CIMC KVM session
Once your KVM has launched successfully, click on the “Virtual Media” and “Activate Virtual Devices”. You will be prompted to “Accept this session”, which you should do.
Next, you’ll Map the HUU/ISO image from your computer to the KVM-based DVD. You’ll browse your computer to find the ISO you previously downloaded from CCO. Once you select the file, click on the “Map Device” button to proceed.
Finally, lets verify that the appropriate HUU/ISO image was successfully mapped to the KVM-DVD.
5 – Reboot your server from the KVM
Once you’ve mapped the HUU/ISO to your KVM-DVD, you’ll need to reboot your server in order to be able re-direct your server to boot from the KVM-DVD (HUU/ISO image).
6 – Enter the Boot Menu and re-direct the server to boot from KVM-DVD
Once the server gets to the boot screen, you’ll want to hit the F6 button to enter the boot menu. You may need to create a MACRO in order to do this. Before you get to the boot menu, you will be prompted to enter the password (by default the password is “password”).
Once the boot process completes, you’ll be prompted to select the boot device. You will want to select the “Cisco vKVM-Mapped vDVD”
7 – Use the HUU to update all components of your Server
The installation process will take anywhere from 30-45 minutes (maybe longer, depending on the speed of the connection from where you are uploading the HUU/ISO to the CIMC).
Once you’ve kicked off the upgrade, resist the urge to do anything other than wait.
About half-way into the upgrade, the screen will change and you will eventually see a message that states the firmware and tools are being copied.
Once the firmware has completed copying to your server, you’ll have the option to update the firmware on some or all of your CIMC components. It is recommended to select the “UPDATE ALL” option.
Note – If you are prompted for “Secure Boot”, select NO. For a detailed understanding of CIMC Secure Boot, refer to the Cisco IMC Secure Boot document on CCO.
Once you click the “UPDATE ALL” option, wait until ALL components have successfully PASSED (or SKIPPED). This process will take 15-20 minutes.
Finally, once the upgrade process is complete, select the EXIT button to reboot the CIMC and conclude the installation process.
8 – Verify the installation of the CIMC Software
Point your browser to the address of your CIMC. Upon login, you’ll be able to verify your current firmware in a couple of places.
On the main summary page (Chassis > Summary), you’ll see that we are running 3.0(3f) firmware.
In addition, we can view all of the firmware by selecting the menu icon (top left) and then Admin.
From Admin, we’ll select Firmware Management. This will give us a complete listing of all CIMC components and their current version.
Finally – back on the main Summary page (Chassis > Summary), you’ll notice a welcomed addition to the option for our Launch KVM! HTML-based KVM!! The only caveat for HTML-based KVM is that you will need to remember to disable the pop-up blocker functionality for your browser.