Skip to content

ArubaOS Switch Firmware Upgrade Example

Jump to bottom
tchiapuziowong edited this page May 20, 2019 · 1 revision

Description

This workflow updates the Firmware of all ArubaOS-Switch Switches for a defined inventory and reboots them.

You can choose either to upgrade with the Task that is only for API v3 and higher or the Task which covers all API Versions. The second Option uses SSH and might be slower.

Details

This Workflow is an example of three different ways to upgrade your Switches and afterwards rebooting them. Remove all Possibilities you do not want. Every Possibility will only upload the Firmware if the firmware of the switch is a different version. Furthermore each Possibility returns a value which tells you if the firmware is uploaded and a reboot is possible. For more documentation see the GitHub Wiki (README) or the appropriate Task/Module.

  • Possibility 1: This upgrades the Switch through a custom module which implements CLI via SSH.
  • Possibility 2: This upgrades the Switch only via the API. This needs a Switch with API Version 3 or higher (Version 16.04 or higher)
  • Possibility 3: This upgrades the Switch through CLI (checking) and API (URL Upload). This can be used for any Switch Firmware version.

Prerequisites

  • This Playbook could be used for any ArubaOS-Switch.
  • Make sure you have a Firmware file (.swi) stored in the "files" directory.
  • Fill out Playbook with appropriate configurations information and chose which Firmware task you want to use (API version 3 or higher/any API version).
  • A hosted HTTP/HTTPS server has to be in a reachable subnet for the switch (Out of Bound Management not supported)
  • If the tasks hosts the HTTP Server, the automation server needs to be in a reachable subnet for the Switch (Out of Bound Management not supported).
  • Enable HTTPS on target Systems:
switch(config)# web-management ssl
switch(config)# rest-interface

Configure vault for sudo execution

You have to pre-configure Ansible's "vault". This vault shall store the automation server password with an encryption. The Playbook needs the password to execute certain commands with "sudo".

  1. Create a file called "secret.yml" in the "./vault" directory.
  2. Edit this file and fill the first line with: ansible_sudo_pass: PASSWORD (Replace PASSWORD with your system password)
  3. Open the CLI and go to the "./vault" directory. Enter "ansible-vault encrypt secret.yml". You will be asked for a new Vault password. Choose a password and keep it in your mind.
  4. Create a file called "vault.txt" in the "./vault" directory. (This should only be stored locally, and be in a directory with appropriate permission settings. Also never upload this file to a version control system)
  5. Edit the "vault.txt" file and enter your Vault password in it.

Set Up Inventory

Set up your inventory as described in Project Inventory Set Up

Execution

  • Run via: "ansible-playbook arubaoss_firmware_example.yml -e site=branch1" (Assuming current directory is "aruba-switch-ansible" and all pre-configurations have taken place)
Clone this wiki locally