Comware config autodeploy

Posted on December 31, 2013 by Peter Debruyne

On Comware devices, it is possible to perform device auto configuration. This means that a factory default device will look for a configuration file on the network and will try to execute it.

When the network is properly provisioned with a DHCP server and a TFTP server with a valid configuration file, the new device can be automatically deployed and updated as a zero-touch operation.

HP IMC can take advantage of this as well for auto deployment, however, in this post I will review the manual version of the automatic deployment, which works without IMC.

The network setup : DHCP Server

The DHCP Server should have a scope with some options, the important options for the autoconfig are:

  • TFTP Boot server : the IP address of the TFTP Server, in this example 10.0.1.100
  • TFTP Boot file name : the autoconfig filename, in this example startup-unit1.cfg

This would be a sample DHCP Scope configuration with another Comware device:

dhcp enable
dhcp server forbid 10.0.1.1 10.0.1.200
dhcp server ip-pool v1
 gateway 10.0.1.1
 bootfile-name startup-unit1.cfg
 tftp-server ip 10.0.1.100
 network 10.0.1.0 24

This would be a sampe Windows DHCP Scope option configuration:

comware-autodeploy2

The network setup : TFTP Server

Configure the tftp server on IP 10.0.1.100, if HP IMC is used, the %IMC Install Folder%\server\tmp can be used, since it is the root folder of the HP IMC TFTP server application.

The TFTP Server should have these files on it:

  • initial autoconfig file (see next section)
  • final config file (the actual final file you want on the device)
  • bootrom update file (example uses 5120, which still requires manual bootrom update)
  • firmware update file

The initial autoconfig file

I have used a 2-stage approach for the auto-deployment:

  1. Use the autoconfig file to cleanup the current device, update bootrom, firmware, reset the IRF unit ID. This will ensure that the procedure will also work with a device which was previously member of an IRF stack and used to have a different unit ID (different from 1 that is).
  2. Use the autoconfig file to finally auto download the final device configuration file

The initial file takes advantage of the Comware job scheduler and will schedule several ‘jobs’ to get the first stage done. This is the sample startup-unit1.cfg :

# Set temporary hostname
 sysname initial-unit1
#
# Reset IRF unit ID to 1, would only apply if device
# was previously in an IRF system. 
 irf member 2 renumber 1
 irf member 3 renumber 1
 irf member 4 renumber 1
#
# Make sure the device can reach tftp server
# Configure either temp static or dhcp address
# All ports are in vlan1 by default
int vlan 1
 ip ad dhcp

# Schedule the jobs
# Important : jobs will respond with Y to all questions ! 

# Job1 : download bootrom after 1 min
job j1
  view monitor
  time 1 one-off delay 1 command tftp 10.0.1.100 get A5120EI-BTM-610.btm

# Job2 : upgrade bootrom after 2 min
# multiple commands are used, since IRF renumber would only be effective
# after the next reboot. Using multiple commands here saves the additional 
# reboot
job j2
  view monitor
  time 1 one-off delay 2 command bootrom update file A5120ei-btm-610.btm slot 1  
  time 2 one-off delay 2 command bootrom update file A5120ei-btm-610.btm slot 2  
  time 3 one-off delay 2 command bootrom update file A5120ei-btm-610.btm slot 3  
  time 4 one-off delay 2 command bootrom update file A5120ei-btm-610.btm slot 4  

# Job3 : format flash to cleanup local filesystem. Takes about 40 sec on 5120
# The bootrom file is no longer needed after update. Job will auto-respond with Y.
job j3
 view monitor
 time 1 one-off delay 3 command format flash:

# Job4 : download new firmware file  
# On 5120, this takes about 160 seconds + delete of image in case format is not used.
job j4
  view monitor
  time 1 one-off delay 4 command tftp 10.0.1.100 get A5120EI-CMW520-R2215.bin

# Job5 : set bootloader to new file, using additional 3 minute delay for the tftp
# to complete.
job j5
  view monitor
  time 1 one-off delay 7 command boot-loader file A5120EI-CMW520-R2215.bin slot 1 main
  time 2 one-off delay 7 command boot-loader file A5120EI-CMW520-R2215.bin slot 2 main
  time 3 one-off delay 7 command boot-loader file A5120EI-CMW520-R2215.bin slot 3 main
  time 4 one-off delay 7 command boot-loader file A5120EI-CMW520-R2215.bin slot 4 main

# Job6 : get new, final config file  
job j6
  view monitor
  time 1 one-off delay 8 command tftp 10.0.1.100 get final-unit1.cfg startup.cfg

# Job7 : change startup file and schedule reboot after 1 minute
job j7
  view monitor
  time 1 one-off delay 9 command startup saved-configuration startup.cfg
  time 2 one-off delay 9 command schedule reboot delay 1

# optional : generate the ssh keys

The final config file

This is the final-unit1.cfg file which is downloaded by the initial config job.
Adjust this file to your own needs, this is just a basic sample to demonstrate the auto-deploy feature.

#
 sysname IRF-Unit1
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 31 
 irf member 2 priority 30
#
 domain default enable system
#
 telnet server enable
#
vlan 1
#
vlan 11
 description V11-Management
#
radius scheme system
 primary authentication 127.0.0.1 1645
 primary accounting 127.0.0.1 1646
 user-name-format without-domain
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
 group-attribute allow-guest
#
local-user admin
 password simple hp
 authorization-attribute level 3
 service-type ssh terminal
#
interface Bridge-Aggregation1
 port link-type trunk
 port trunk permit vlan 1 to 100
 link-aggregation mode dynamic
#
interface NULL0
#
int vlan 11
 ip ad 10.0.11.41 24

#
interface GigabitEthernet1/0/11
 port access vlan 11
#
 ip route-static 0.0.0.0 0.0.0.0 10.0.11.1
#
 ssh server enable
#
 load xml-configuration
#
user-interface aux  0

user-interface vty 0 4
 authentication-mode scheme
#
irf-port 1/1
 port group interface Ten-GigabitEthernet1/1/1 mode normal
#
irf-port 1/2
 port group interface Ten-GigabitEthernet1/1/2 mode normal
#
return

The result

The device will:

  • Reset IRF unit ID to 1
  • Update bootrom
  • Update firmware
  • Download final configuration file, which can included the final IRF port config
  • Reboot and become active IRF system

A similar setup can be done to prepare unit2, etc.

You would however need to be able to point to a different auto-config file on the tftp server, so you can either use :

  • DHCP reservations (with custom option on the reservation)
  • Dedicated IP subnets with different scopes for unit1/2/etc.
This entry was posted in Comware5 and tagged , . Bookmark the permalink.

1 Response to Comware config autodeploy

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s