In this article, we will discuss about POAP to provision multiple switches.
We need a DHCP, TFTP and SCP server. We can also use an HTTP server to deliver the software and the configuration.
POAP Infrastructure:
POAP Process:
Software used:
- ISC-DHCP-SERVER – version 4.3.1
- ATFTPD – version 0.7
- OPENSSH-server 6.7p1
DHCP configuration example :
Subnet used : 192.168.255.0/24
In the following block, I reserve a baud for the Client XXXXXXXX. XXXX is the serial number of the switch.
In the option dhcp-client-identifier you need to add “\000” before the serial number.
We have to assign the following parameter:
- IP address
- Default Gateway
- IP address TFTP Server
- Filename
- DNS server
In the file: /etc/dhcp/dhcpd.conf
option domain-name-servers 192.168.255.254; subnet 192.168.255.0 netmask 255.255.255.0 { host switch1 { option dhcp-client-identifier "\000XXXXXXXXXX"; fixed-address 192.168.255.1; option routers 192.168.255.254; option bootfile-name "/nxos/poap.py"; option tftp-server-name "192.168.255.200"; } }
TFPT server:
I kept the default configuration, in the file /etc/default/atftpd
USE_INETD=true OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /srv/tftp"
In the directory /srv/tftp, I downloaded the poap.py file on github. (https://github.com/datacenter/nexus9000/blob/master/nx-os/poap/poap.py)
This script is provided by Cisco. In this file, you need to customize one part. In the following part you enter the information for:
- The target image
- Directory for the image and configuration
- Method to download the image and configuration here scp
- The credential of the SCP Server
- The name of the configuration file (here based on the serial number)
# system and kickstart images, configuration: location on server (src) and target (dst) n9k_image_version = "7.0.3.I5.2" # this must match your code version image_dir_src = "/srv/tftp/nxos" # Sample - /Users/bob/poap ftp_image_dir_src_root = image_dir_src tftp_image_dir_src_root = image_dir_src n9k_system_image_src = "nxos.%s.bin" % n9k_image_version config_file_src = "/srv/tftp/nxos/conf" # Sample - /Users/bob/poap/conf image_dir_dst = "bootflash:" # directory where n9k image will be stored system_image_dst = n9k_system_image_src config_file_dst = "volatile:poap.cfg" md5sum_ext_src = "md5" # Required space on /bootflash (for config and system images) required_space = 800000 # copy protocol to download images and config # options are: scp/http/tftp/ftp/sftp protocol = "scp" # protocol to use to download images/config # Host name and user credentials username = "root" # server account ftp_username = "anonymous" # server account password = "password" # password hostname = "192.168.255.200" # ip address of ftp/scp/http/sftp server config_file_type = "serial_number"
After you need to generate a md5 of the poap.py script. The following line will replace the second line with the MD5. If the MD5 is not valided the POAP process will fail and restart.
f=poap.py ; cat $f | sed '/^#md5sum/d' > $f.md5 ; sed -i "s/^#md5sum=.*/#md5sum=\"$(md5sum $f.md5 | sed 's/ .*//')\"/" $f
#!/bin/env python #md5sum="3b614973cbde2742388b5997228678cd" # Still needs to be implemented. # Return Values:
You also need to generate an md5 for the image:
md5sum nxos.7.0.3.I5.2.bin > nxos.7.0.3.I5.2.bin.md5
Don’t forget your configuration file name “conf.XXXXXXX” where XXXX is the serial number and to configure the credential in this file.