Switch Firmware Distribution Script
Python workflow for switch-to-switch image distribution
This workflow updates the firmware across a mass amount of switches using the switch-to-switch download feature that is enabled through the firmware-site-distribution API. The source code for this script can be found here.
How it Works
This script uses the firmware-site-distribution configuration on a switch to act as a remote server. This enables switch to switch firmware upgrades using REST APIs.
This script works by taking in an input CSV with information for a host switch and client switches to be upgraded. Any switch can only support upgrading two clients at a time using this API. However, this script utilizes threading to run this process concurrently across multiple switches to upgrade several switches at a time. Each switch upgrade is performed and handled by an individual thread. As the client switches complete the upgrade process they are then enabled as host switches via REST API and added to a pool of available hosts. This cascading effect will exponentially increase the speed of the upgrade process the more switches that are provided as input. Once all switches have been upgraded, the remote endpoints are turned off and sessions are logged out.
Benefits
- Faster than than traditional means of mass upgrade, such as using a remote TFTP server sequentially to switches
- Efficiently uses switches that have completed upgrading to be enabled as hosts
- Saves multitudes of network WAN bandwidth
- Ideal for Day 0 network infrastructure setups or site upgrades
Switches must be of the same platform and on the same network to use this script.
Setup
- Upgrade the host switch manually with the image to be used for re-imaging
- Create an input CSV with the all the switch information detailed below
- Copy the code from instructions here
- Install the requirements
- Once complete, the script is ready to be ran
CSV Format
Required information for each switch includes external IP, internal IP, username, password. The host switch information must be on the first line of the CSV. If the switches do not have an external IP (via NAT translator for example) fill in the internal IP for both cells.
Example CSV
12.123.1.123,11.1.1.1,host_user,host_pass
12.123.1.124,11.1.1.2,client_user,client_pass
12.123.1.125,11.1.1.3,client_user,client_pass
The first line of the input CSV must be the host switch.
CLI Arguments
A variety of CLI Arguments required and optional are available for additional functionality.
usage: fimware-site-dist.py [-h] [-vrf VRF] [-r] [-cred] [-d D] [-s S] input threads
Positional Arguments
- Input - Required
- This argument takes a relative filepath to a CSV file containing input information
- Threads - Required
- Designate the number of threads for python to utilize for the multithreading portion of the script.
- No more upgrades can execute at once greater than the number of threads. More threads means more concurrent switch upgrades can execute at a time.
- The more threads you include the faster the script will complete. Threads can also be used to limit and control the number of upgrades happening concurrently if this use case is applicable to your particular network.
Optional Arguments
- -vrf {vrf name}
- This will set the VRF to be used for the upgrade process.
- Common inputs are 'mgmt' or 'default'.
- Defaults to 'default'.
- -r
- If this option is set all switches will be rebooted after re-imaging is complete.
- This feature is not currently compatible with switches configured in a stack.
- -cred
- If this option is set the user will be prompted to enter username and password credentials to be used for ALL switches.
- -d {destination}
- This argument designates the firmware image location to be upgraded.
- Valid options are 'primary' and 'secondary'
- Defaults to 'secondary.
- -s {source}
- This argument designates the source firmware image location to download from.
- Valid options are 'primary' and 'secondary'.
- Defaults to 'primary'.
Executing the workflow
To run the workflow simply run the following command:
python firmware-site-distribution.py {inputpath.csv} {threads}
Please reference the above section on CLI Arguments for full usage of executing with commands on the CLI. Most common usage will specify image source and destination for upgrade. This would look as follows:
python firmware-site-distribution.py {inputpath.csv} {threads} -d primary -s primary
Troubleshooting
The most common errors for the script are generally input related. Here are a few things to check first when troubleshooting:
- If the switches are logging in but failing to re-image check the input file. The input file must include two fields for switch IP address even if there is only one. In this case please use the same IP for both fields. Refer to the CSV Format section.
- If the switches are logging in but failing to re-image, check the that the correct VRF argument is being passed in the CLI. Refer to the -vrf section of Optional Arguments.
- If the switches are failing to login, make sure that the switches are reachable from the environment you are attempting to execute the script from.
Updated 5 months ago