Manage Device Software Images
• Set Up Software Image Management, page 1
• Copy Software Images from Devices to the Image Repository (Create a Baseline), page 5
• How Do I Find Out Which Images Are Used by Network Devices?, page 6
• How Do I Know a Device Has the Latest Image?, page 6
• View the Images That Are Saved in the Image Repository, page 7
• Find Out Which Devices Are Using an Image, page 8
• View Recommended and Available Software Images from Cisco.com, page 8
• Add (Import) Software Images to the Repository, page 9
• Change the Device Requirements for Upgrading a Software Image, page 12
• Verify That Devices Meet Image Requirements (Upgrade Analysis), page 13
• Distribute a New Software Image to Devices, page 14
• Activate a New Software Image on Devices, page 20
• Activate, Deactivate, and Remove Cisco IOS XR Images from Devices, page 22
• Commit Cisco IOS XR Images Across Device Reloads, page 23
• Roll Back Cisco IOS XR Images, page 23
• Check the Network Audit for Software Image Operations, page 24
• Delete Software Image Files from the Image Repository, page 25
Set Up Software Image Management
• Make Sure Devices Are Configured Correctly, on page 2
• Verify the FTP/TFTP/SFTP/SCP Settings on the Cisco EPN Manager Server, on page 2
• Control Whether Images Are Saved to the Image Repository During Inventory Collection, on page 3
• Adjust Criteria for Cisco.com Image Recommendations, on page 3
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
1
Manage Device Software Images
Make Sure Devices Are Configured Correctly
• Adjust Image Transfer and Distribution Preferences, on page 4
• Change Cisco.com Credentials for Software Image Operations, on page 5
Make Sure Devices Are Configured Correctly
Cisco EPN Manager can transfer files to and from devices only if the SNMP read-write community strings
configured on your devices match the strings that were specified when the devices were added to Cisco EPN
Manager . In addition, devices must be configured according to the settings in How Often Is Inventory
Collected?.
Note
While configuring software images on some Cisco IOS-XR devices, the SSH hardening removes the
required SSH CBC (Cipher Block Chaining) ciphers thus causing several Software Image Management
operations to fail. Ensure that you upgrade to the Cisco IOS-XR version that supports CTR (counter mode)
ciphers.
Alternatively, you can add CBC ciphers in the SSHD service. To do this, you must first configure the
CBC ciphers in the ciphers line of the file in /etc/ssh/sshd_config (as shown in the example below),
and then restart the sshd service using the service sshd stop/start command.
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,
arcfour256,arcfour128,aes128-cbc,3des-cbc,
cast128-cbc,aes192-cbc,aes256-cbc
Note
Software Image Management is not supported in the NAT environment. This means that image management
features such as image import, upgrade, distribution, and activation, will not function in the NAT
environment.
Verify the FTP/TFTP/SFTP/SCP Settings on the Cisco EPN Manager Server
If you will be using FTP, TFTP, SFTP, or SCP make sure that it is enabled and properly configured. See
Enable FTP/TFTP/SFTP Service on the Server.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
2
Manage Device Software Images
Control Whether Images Are Saved to the Image Repository During Inventory Collection
Control Whether Images Are Saved to the Image Repository During Inventory
Collection
Because collecting software images can slow the data collection process, by default, Cisco EPN Manager
does not collect and store device software images in the image repository when it performs inventory collection.
Users with Administration privileges can change that setting using the following procedure.
Step 1
Step 2
Step 3
Choose Administration > Settings > System Settings, then choose Inventory > Image Management.
To retrieve and store device images in the image repository when Cisco EPN Manager performs inventory collection,
check the Collect images along with inventory collection check box.
Click Save.
Adjust Criteria for Cisco.com Image Recommendations
You can use Cisco.com to get information about recommended images based on criteria you provide. The
following procedure shows how you can adjust those recommendations. The following table also lists the
default settings.
Note
Step 1
Step 2
To use these features, the device must support image recommendations.
Choose Administration > Settings > System Settings, then choose Inventory > Image Management.
Adjust the recommendation settings as follows.
Setting
Description
Default
Recommend latest maintenance
version of each major release
Only considers images if it is the latest
Disabled
maintenance version of each major release
Recommend same image feature
Only considers images with same feature
set as running device image
Disabled
Recommend versions higher than the Only considers images that are higher than Disabled
current version
the running device image
Include CCO for recommendation
Step 3
Retrieves images from Cisco.com and the
image repository
Enabled
Click Save.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
3
Manage Device Software Images
Adjust Image Transfer and Distribution Preferences
Adjust Image Transfer and Distribution Preferences
Use this procedure to specify the default protocols Cisco EPN Manager should use when transferring images
from the software image management server to devices. You can also configure Cisco EPN Manager to
perform, by default, a variety of tasks associated with image transfers and distributions—for example, whether
to back up the current image before an upgrade, reboot the device after the upgrade, continue to the next
device if a serial upgrade fails, and so forth. Users with Administration privileges can change that setting
using the following procedure.
This procedure only sets the defaults. You can override these defaults when you perform the actual distribute
operation.
Note
Step 1
Step 2
Step 3
Step 4
Cisco EPN Manager does not support the TFTP protocol for distributions from the software image
management server to devices.
Choose Administration > Settings > System Settings, then choose Inventory > Image Management.
Specify the default protocol Cisco EPN Manager should use when transferring images in the Image Transfer Protocol
Order. Arrange the protocols in order of preference. If the first protocol listed fails, Cisco EPN Manager will use the
next protocol in the list.
Note
When distributing an image to a device, use the most secure protocols supported by the device (for example,
SCP instead of TFTP). TFTP tends to time out when transferring very large files or when the server and client
are geographically distant from each other. If you choose SCP for the image distribution, ensure that the device
is managed inCisco EPN Manager with full user privilege (Privileged EXEC mode); otherwise the distribution
will fail due to copy privilege error (SCP: protocol error: Privilege denied).
Specify the default protocol Cisco EPN Manager should use when configuring images on devices in the Image Config
Protocol Order area. Arrange the protocols in order of preference.
Specify the tasks that Cisco EPN Manager should perform when distributing images:
Setting
Description
Default
Continue distribution on If distributing images to multiple devices and distribution to a device fails, Enabled
failure
continues the distribution to other devices
Step 5
TFTP fallback
Inserts the TFTP fallback command into the running image so that it can be Disabled
reloaded if image distribution fails
Backup current image
Before image distribution, backs up the running image to the TFTP server Disabled
Insert boot command
After image distribution, inserts the boot command into the running image Disabled
Click Save.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
4
Manage Device Software Images
Add a Software Image Management Server to Manage Groups of Devices
Add a Software Image Management Server to Manage Groups of Devices
To distribute images to a group of devices, add a software image management server and specify the protocol
it should use for image distribution. You can add a maximum of three servers.
Step 1
Add the server.
a) Choose Administration > Servers > Software Image Management Servers.
b) Click the Add Row icon and enter the server name, IP address, and device group the server will support.
c) Click Save.
Step 2
Configure the server protocol settings.
a) Check the check box next to the server name, then click Manage Protocols.
b) Click the Add Row icon and enter the software image management protocol details (username, password, and so
forth).
c) Click Save.
Change Cisco.com Credentials for Software Image Operations
When Cisco EPN Manager connects to Cisco.com to perform software image management operations (for
example, to check image recommendations), it uses the credentials stored in the Account Settings page. You
can change those settings using the following procedure.
Step 1
Step 2
Step 3
Choose Administration > Settings > System Settings, then choose General > Account Settings.
Click the Cisco.com Credentials tab.
Change the settings, then click Save.
Copy Software Images from Devices to the Image Repository
(Create a Baseline)
Depending on your system settings, Cisco EPN Manager may copy device software images to the image
repository during inventory collection (see Control Whether Images Are Saved to the Image Repository During
Inventory Collection, on page 3). If you need to perform this operation manually, use the following procedure,
which imports software images directly from devices into the image repository.
Before you begin, ensure that images are physically present on the devices (rather than remotely loaded).
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
5
Manage Device Software Images
How Do I Find Out Which Images Are Used by Network Devices?
Note
If you are importing many images, perform this operation at a time that is least likely to impact production.
Step 1
Step 2
Step 3
Choose Inventory > Device Management > Software Images.
Click the Add/Import tab.
In the Import Images dialog box, complete the following:
a) In the Source area, select the devices (you may want to select one device group at a time).
b) In the Collection Options area, specify whether to import the files immediately or schedule the import for later.
Step 4
Click Submit.
How Do I Find Out Which Images Are Used by Network Devices?
To view a list of the images used by network devices, choose Reports > Reports Launch Pad > Device >
Detailed Software.
To list the top ten images use by network devices (and how many devices are using those images), choose
Inventory > Device Management > Software Images. Click Software Image Repository under Useful
Links, then then click the Image Dashboard icon in the top-right corner of the page.
How Do I Know a Device Has the Latest Image?
If your device type supports image recommendations, you can use the following procedure to check if a device
has the latest image from Cisco.com. Otherwise, use the Cisco.com product support pages to get this
information.
Step 1
Step 2
Choose Inventory > Device Management > Network Devices, then click the device name hyperlink to open the Device
Details page.
Click the Image tab and scroll down to the Recommended Images area. Cisco EPN Manager lists all of the images from
Cisco.com that are recommended for the device.
For Cisco NCS 2000 and Cisco ONS devices, this choice is displayed on the right when you click the Chassis View tab.
Note
The recommendations list is purely informational. To use any of the recommended images, you must get them
from Cisco.com and add them to the image repository. See Add (Import) Software Images to the Repository,
on page 9.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
6
Manage Device Software Images
View the Images That Are Saved in the Image Repository
View the Images That Are Saved in the Image Repository
Use this procedure to list all of the software images saved in the image repository. The images are organized
by image type and stored in the corresponding software image group folder.
Step 1
Choose Inventory > Device Management > Software Images.Cisco EPN Manager lists the images that are saved in
the image repository within the Software Image Summary panel.
From here you can:
• Import new images into the image repository from network devices; file systems on client machines, IPv4 or IPv6
servers (URLs); and FTP servers. You can use the web GUI to find out what images are available from Cisco.com,
but images must be manually downloaded and then imported; see Add (Import) Software Images to the Repository,
on page 9.
• Adjust the requirements that a device must meet in order to upgrade to this image. See Change the Device
Requirements for Upgrading a Software Image, on page 12.
• Perform an upgrade analysis. See Verify That Devices Meet Image Requirements (Upgrade Analysis), on page
13.
• Copy new software images to devices. See Distribute a New Software Image to Devices, on page 14.
• Activate images, which makes a new image the device’s running image. See Activate a New Software Image on
Devices, on page 20.
• Commit Cisco IOS XR images, which persists the image across device reloads and creates a rollback point. See
Commit Cisco IOS XR Images Across Device Reloads, on page 23.
• Delete images from the image repository (images can only be deleted using the manual process). See Delete Software
Image Files from the Image Repository, on page 25.
Step 2
Click a software image hyperlink to open the Image Information page that lists the file and image name, family, version,
file size, and so forth.
From here you can:
• See which devices are using this image by checking the Device Details area at the bottom of the page.
• Adjust the requirements that a device must meet in order to upgrade to this image. (See Change the Device
Requirements for Upgrading a Software Image, on page 12.)
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
7
Manage Device Software Images
Find Out Which Devices Are Using an Image
Find Out Which Devices Are Using an Image
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
In the Software Image Summary panel, locate the image that you are interested in by expanding the image categories
in the navigation area or entering partial text in one of the Quick Filter fields. For example, entering 3.1 in the Version
field would list Versions 3.12.02S, 3.13.01S, and so forth.
Click the image hyperlink to open the Software Image Summary page. Cisco EPN Manager lists all devices using that
image in the Device Details area.
Step 3
View Recommended and Available Software Images from
Cisco.com
• View Recommended Images on Cisco.com, on page 8
• View Available Images on Cisco.com, on page 9
View Recommended Images on Cisco.com
If your devices support Cisco.com image recommendations, you can use this procedure to check which images
your devices should be using.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Step 4
Click Software Image Repository under Useful Links.
Navigate to and select the software image for which you want to change requirements.
Choose the devices which you want to distribute the image from the Device List drop-down list and click Distribution
New Version.
Choose one of the following image sources:
Step 5
• Recommend Image from Cisco.com to select an image available on Cisco.com. Specify options, click Start
Recommendation, then skip ahead to Step 5.
Cisco EPN Manager displays recommended software images for your specific device types, but it does not allow
you to download software images directly from cisco.com. You must manually download software images and
then import the downloaded image file.
• Select Image from Local Repository to select an image stored locally. Then, under Local Repository:
◦Check the Show All Images check box to display all images available in the image repository.
◦Uncheck the Show All Images check box to display the software images applicable to the selected device.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
8
Manage Device Software Images
View Available Images on Cisco.com
Step 6
Select the image to distribute, then click Apply.
Step 7
Choose the image name in the Distribute Image Name field to change your selection and pick a new image, then click
Save.
Step 8
Specify Distribution Options. You can change the default options in Administration > System Settings >Inventory>
Image Management.
Step 9
Specify schedule options, then click Submit.
View Available Images on Cisco.com
Depending on your device type, Cisco EPN Manager can narrow the list of available images by maintenance
versions, feature sets, versions, and so forth (see Adjust Criteria for Cisco.com Image Recommendations, on
page 3).
Cisco EPN Manager will use the Cisco.com credentials that are set by the administrator. If default credentials
are not set, you must enter valid credentials. (See Change Cisco.com Credentials for Software Image
Operations, on page 5).
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Choose Inventory > Device Management > Software Images.
Click the Add/Import tab.
Note
Although you cannot use Cisco EPN Manager to download images directly from Cisco.com and import them
into the Cisco EPN Manager server, you can use the Add/Import function to check Cisco.com for available
software images. Then you can manually download the images and import them into the image repository.
In the Import Images dialog:
a) Click Cisco.com.
b) If the credentials are not auto-populated, enter a valid Cisco.com user name and password.
c) Choose a device platform and software version from the drop-down lists. The remaining choices (for example, feature
type) depend on the device platform and operating system you have chosen.
Perform a manual download of the images by going to the Cisco.com Software Download site. Enter your credentials
and follow the instructions.
Import the newly-downloaded images into the image repository using the procedure in Add a Software Image from a
Client Machine File System, on page 12.
Verify that the images are listed on the Software Images page (Inventory > Device Management > Software Images).
Add (Import) Software Images to the Repository
Cisco EPN Manager displays the recommended latest software images for the device type you specify, and
it allows you to download the software images directly from cisco.com. Cisco EPN Manager does not display
deferred software images. For detailed information, see Cisco EPN Manager 2.1 Supported Devices list.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
9
Manage Device Software Images
Add a Software Image That Is Running on a Managed Device
Note
In order to download a K9 software image from cisco.com, you must accept/renew the https://
software.cisco.com/download/eula.html K9 agreement periodically.
The following topics explain the different ways you can add software images to the image repository. For an
example of how to troubleshoot a failed import, see Manage Jobs Using the Jobs Dashboard.
• Add a Software Image That Is Running on a Managed Device, on page 10
• Add a Software Image from an IPv4 or IPv6 Server (URL), on page 11
• Add a Software Image for an FTP Protocol Server (Protocol), on page 11
• Add a Software Image from a Client Machine File System, on page 12
Note
For Cisco NCS and Cisco ONS devices, you can only import software images using the procedure in Add
a Software Image from a Client Machine File System, on page 12.
Add a Software Image That Is Running on a Managed Device
This method retrieves a software image from a managed device and saves it in the image repository.
Note
When distributing an image to a device, use the most secure protocols supported by the device (for example,
SCP instead of TFTP). TFTP tends to time out when transferring very large files or when the server and
client are geographically distant from each other. If you choose SCP for the image distribution, ensure
that the device is managed in Cisco EPN Manager with full user privilege (Privileged EXEC mode);
otherwise the distribution will fail due to copy privilege error (SCP: protocol error: Privilege denied).
Note that TFTP is supported only when copying images from the device to the server and not the other
way around.
Limitations:
• For Cisco IOS-XR devices, direct import of images from the device is not supported by Cisco EPN
Manager ; SMU and PIE imports are also not supported on these devices.
• For Cisco IOS-XE devices, if the device is loaded with the 'packages.conf' file, then images cannot be
imported directly from that device.
Step 1
Step 2
Step 3
Choose Inventory > Device Management > Software Images.
Click the Add/Import tab.
In the Import Images dialog:
a) Click Device and under Collection Options, choose one or more devices.
b) In the Schedule area, schedule the job to run immediately, at a later time, or on a regular basis.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
10
Manage Device Software Images
Add a Software Image from an IPv4 or IPv6 Server (URL)
c) Click Submit.
Step 4
To view the status of the job, click the job link in the pop-up message or choose Administration > Job Dashboard.
Step 5
Verify that the image is listed on the Software Images page (Inventory > Device Management > Software Images).
Add a Software Image from an IPv4 or IPv6 Server (URL)
You can import software image from network-accessible IPv4 or IPv6 servers. The following file formats are
supported: .bin, .tar, .aes, .pie, .mini, .vm, .gz, .ova, and .ros.
Cisco EPN Manager supports to import Non-Cisco standard image.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Click the Add/Import tab.
In the Import Images dialog:
a) Click URL.
b) In the URL To Collect Image field, enter a URL in the following format (you can also use an HTTP URL where user
credentials are not required):
http://username:password@server-ip/filename
c) In the Schedule area, schedule the job to run immediately, at a later time, or on a regular basis.
d) Click Submit.
Step 4
To view the status of the job, click the job link in the pop-up message or choose Administration > Job Dashboard.
Step 5
Verify that the image is listed on the Software Images page (Inventory > Device Management > Software Images).
Add a Software Image for an FTP Protocol Server (Protocol)
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Click the Add/Import tab.
In the Import Images dialog:
a) Click Protocol.
b) Enter FTP in the Protocol field, then enter the FTP user name, password, server name or IP address, and file name.
The following is a file name example:
/ftpfolder/asr901-universalk9-mz.154-3.S4.bin
c) In the Schedule area, schedule the job to run immediately, at a later time, or on a regular basis.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
11
Manage Device Software Images
Add a Software Image from a Client Machine File System
d) Click Submit.
Step 4
To view the status of the job, click the job link in the pop-up message or choose Administration > Job Dashboard.
Step 5
Verify that the image is listed on the Software Images page (Inventory > Device Management > Software Images).
Add a Software Image from a Client Machine File System
Before You Begin
When you import the software image file, the browser session is blocked temporarily. If the upload operation
exceeds the idle timeout limit of the browser session, then you will be logged out of Cisco EPN Manager
and the file import operation will be aborted. So it is recommended that you increase the idle timeout limit
before you begin with this import operation. To increase the idle timeout, see Configure the Global Timeout
for Idle Users.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Click the Add/Import tab.
In the Import Images dialog:
a) Click File.
b) Click the Browse button and navigate to the software image file.
c) In the Schedule area, schedule the job to run immediately, at a later time, or on a regular basis.
d) Click Submit.
Step 4
To view the status of the job, click the job link in the pop-up message or choose Administration > Job Dashboard.
Step 5
Verify that the image is listed on the Software Images page (Inventory > Device Management > Software Images).
Change the Device Requirements for Upgrading a Software
Image
Use this procedure to change the RAM, flash, and boot ROM requirements that a device must meet for a
software image to be distributed to the device. These values are checked when you perform an upgrade analysis
(see Verify That Devices Meet Image Requirements (Upgrade Analysis), on page 13).
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
12
Manage Device Software Images
Verify That Devices Meet Image Requirements (Upgrade Analysis)
Note
This operation is not supported on the Cisco NCS 2000 and Cisco ONS families of devices.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Step 4
In the Software Image Summary panel, locate and select the software image by clicking its associated hyperlink.
Click the software image name hyperlink to open its image information.
Adjust the device requirements:
• Minimum RAM (from 1 – 999999999999999)
• Minimum FLASH (from 1 – 999999999999999)
• Minimum Boot ROM Version
Step 5
Click Save.
Step 6
Click Restore Defaults, if you want to retain the previous requirements.
Verify That Devices Meet Image Requirements (Upgrade
Analysis)
An upgrade analysis verifies that the device contains sufficient RAM or FLASH storage (depending on the
device type), the image is compatible with the device family, and the software version is compatible with the
image version running on the device. After the analysis, Cisco EPN Manager displays a report that provides
the results by device. The report data is gathered from:
• The software image repository, which contains information about minimum RAM, minimum Flash, and
so on, in the image header.
• The Cisco EPN Manager inventory, which contains information about the active images on the device,
as well as Flash memory, modules, and processor details.
Note
Upgrade analysis is supported on all Cisco IOS-XR devices (such as Cisco NCS 1000, Cisco NCS 4000,
Cisco NCS 5000, Cisco NCS 5500, and Cisco NCS 6000), except on Cisco ASR 9000 devices.
If you want to adjust the device requirements for an image, see Change the Device Requirements for Upgrading
a Software Image, on page 12.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Click Upgrade Analysis under Useful Links. (Do not select an image from the Software Images page.)
Step 3
In the Upgrade Analysis dialog:
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
13
Manage Device Software Images
Distribute a New Software Image to Devices
a)
b)
c)
d)
Choose the source for the software images (the image repository or Cisco.com).
Select the devices you want to analyze.
Select the software images you want to analyze the devices against.
Click Run Report.
The report groups devices by their IP address.
Distribute a New Software Image to Devices
The image distribution operation copies a new software image to a specified location on a device. You can
distribute images for similar devices in a single deployment, adjusting your choices per device. When you
create the job, you determine whether the job runs immediately or at a scheduled time.
Note
Cisco EPN Manager does not support using TFTP to distribute images from a server to devices.
When you select an image to be distributed, Cisco EPN Manager only displays devices that are suitable for
the image. When you create the distribution job, you specify whether Cisco EPN Manager should:
• Activate the image in the same job or skip the activation. Delaying the activation lets you perform these
tasks before activating the image:
◦Find out if there is insufficient memory, clear the disk space for distributing the image or package.
◦Do an upgrade analysis to check the suitability of the device for the chosen image.
• (Cisco IOS XR only) Commit the image in the same job or skip the commit.
Limitations:
• When you distribute image to Cisco IOS-XR devices (except Cisco ASR 9000 devices), the image is
copied to the device storage before the install package is activated and committed. With Cisco ASR
9000 devices, however, the image is installed on the device directly from Cisco EPN Manager without
being copied to the device storage.
• During the distribution process, if the protocols used for distribution are not supported by the device,
then distribution might fail. For example, if you use the SCP protocol to distribute an image to Cisco
ASR 9000 devices, then the distribution fails, because copy of the image onto the device storage is not
supported in the device's command line.
The image can be distributed to any file system on the device, including folders in the root directory. This is
supported only for NCS 42XX and ASR907 devices. If you choose a file system that has a stand by flash,
then the image is distributed to both the active flash and the stand by flash. This means that when you choose
to distribute the image to active flash, you are not required to re-distribute the image to the stand by flash.
Note
The option to distribute an image directly to a device folder is supported only on Cisco ASR907 and Cisco
NCS42xx devices.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
14
Manage Device Software Images
Distribute a New Software Image to Devices
Cisco EPN Manager displays feedback and status as the operation proceeds. If you are distributing an image
to many devices, you can stagger reboots so that service at a site is not completely down during the upgrade
window. For image distribution to work efficiently, the device and server from which the distribution is
performed must be in the same geographical location or site. The distribution job will return an error if the
distribution takes more time due to network slowness or low speed.
Note
When distributing an image to a device, use the most secure protocols supported by the device (for example,
SCP instead of TFTP). TFTP tends to time out when transferring very large files or when the server and
client are geographically distant from each other. If you choose SCP protocol for the image distribution,
ensure that the device is managed in Cisco EPN Manager with full user privilege (Privileged EXEC
mode); otherwise the distribution will fail due to copy privilege error (SCP: protocol error: Privilege
denied).
Before You Begin
• When distributing an image to a device, use the most secure protocols supported by the device (for
example, SCP instead of TFTP). TFTP tends to time out when transferring very large files or when the
server and client are geographically distant from each other. If you choose SCP protocol for the image
distribution, ensure that the device is managed in Cisco EPN Manager with full user privilege (Privileged
EXEC mode); otherwise the distribution will fail due to copy privilege error (SCP: protocol error:
Privilege denied).
• When distributing images to Cisco ME 1200 devices, you will need to activate the image on the device
immediately after distribution. Ensure that the device is ready for an image activation.
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Click the blue Distribute icon in the Software Image Management Lifecyle widget. Cisco EPN Manager displays the
devices that are appropriate for the images. You can configure the image for each device when you create a distribution
job.
Note
If the required device is not listed here, ensure that the Image Family associated with the file is same as the
selected device's family.
Step 3
Step 4
To verify the device family, use the Image tab in the Device Details page.
From the Image Selection tab, select the image that you want to distribute on devices.
From the Device Selection tab, select the devices for image distribution. You can further adjust the distribution settings
for each device.
a) In the Image Deployment tab, Cisco EPN Manager displays one row per device and image.
b) For each device, check the location where the image will be copied. Cisco EPN Manager chooses the location based
on its memory calculations.
Note
Locations are not supplied for the Cisco NCS 2000 and Cisco ONS families of devices.
To change the location, double-click the location value in the Distribute Image field and choose another location
from the drop-down list.
After you click Save, Cisco EPN Manager calculates whether that location has adequate space for the image. If there
is enough space, Cisco EPN Manager displays a green check mark (after you click Save). Otherwise you must choose
another location, or select the Smart Flash Delete Before Distribution option in step 5.
The following is an example of a network audit event that is generated during image distribution.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
15
Manage Device Software Images
Distribute a New Software Image to Devices
Step 5
Step 6
From the Image Details Verification tab, select the file system on the device where the image must be distributed using
the Distribute Location drop-down menu. This field displays the folders available on the device. To distribute the image
to new folders, create the folder on the device manually, and return to this step. Alternatively, you can create a new folder
during the distribution process automatically by choosing the 'swim_configuration.xml' file under '/opt/CSCOlumos/swim'
and providing any new folder name of your choice. The folder is automatically created under this directory.
Configure the distribution settings.
In the Image Deployment tab area, configure the behavior for the distribution job—for example, in a bulk distribution
job, whether to continue the distribution if it fails on a device. (The preferences are populated according to defaults set
by the administrator.
For more information, see Adjust Image Transfer and Distribution Preferences, on page 4).
Image Deployment Options
Cisco IOS Cisco IOS-XE Cisco IOS-XR Cisco NCS
2000 and
Cisco ONS
15454
Back Up Current
Y
Image—Back up the device’s
running image to the TFTP
server before the new image is
copied to the device
Y
—
—
—
—
Smart Flash Delete Before
Y
Distribution—Delete any file
(other than the running image)
to recover disk space in case the
device has insufficient memory
(additional image files are
deleted until adequate space is
available in the selected flash)
Y
Y
—
Y
Y
Y
Y
Y
Y
Y
Y
Distribute
Parallely—Distribute images
to multiple devices in parallel
rather than in a serial manner
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
16
Cisco NCS Cisco NCS 1000
4000
Manage Device Software Images
Distribute a New Software Image to Devices
Image Deployment Options
Cisco IOS Cisco IOS-XE Cisco IOS-XR Cisco NCS
2000 and
Cisco ONS
15454
Cisco NCS Cisco NCS 1000
4000
Continue on
Y
Failure—Continue the
distribution even if it fails on a
device
Y
Y
Y
Y
Y
Y
TFTP Fallback—Reload an
image if the distribution fails by
inserting the TFTP failback
command into the running
image
Y
—
—
—
—
Insert Boot Command—Insert —
the boot command into the
running image after the image
is distributed
Y
—
—
—
—
—
—
Y
—
Y
—
Only image downgrade
—
—Activate this option to
distribute an image with a
version lower than the version
previously running on the
device. This option is displayed
only when the selected device
supports image downgrade and
it is disabled when the Activate
drop-down menu is set to OFF.
—
—
Y
—
—
Remove In-Active Packages —
after Upgrade — Commit the
install operation and remove
previous active packages from
the device repository after the
device upgrade is complete.
—
—
—
Y
—
ISSU—Activate in-service
software upgrade (ISSU) to
update the software on the
device with minimal service
interruption
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
17
Manage Device Software Images
Distribute a New Software Image to Devices
Image Deployment Options
Cisco IOS Cisco IOS-XE Cisco IOS-XR Cisco NCS
2000 and
Cisco ONS
15454
Upgrade FPD image— Field —
Programmable Devices (FPDs)
are hardware devices
implemented on router cards
that support separate software
upgrades. Select this option to
automatically choose FPD
image packages for the upgrade
during image distribution and
activation processes.
—
—
—
Cisco NCS Cisco NCS 1000
4000
Y
Y
Additional features include:
• Smart Flash Delete Before
Distribution
• Distribute Parallely
• Continue on Failure
Step 7
In the Activate Job Options window, choose the required settings:
• Activate Options: Sequential or Parallel
• Continue on failure: Continue the distribution even if it fails on a device.
• Commit: Commit the image on the device post distribution.
• FPDs Upgrade: Field Programmable Devices (FPDs) are hardware devices implemented on router cards that support
separate software upgrades. If you enable this option, FPD image packages will be used for the upgrade.
Step 8
Configure the image activation settings.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
18
Manage Device Software Images
Distribute a New Software Image to Devices
Device OS
Settings
Cisco IOS and
Cisco IOS XE
Check Insert Boot Command if you want the image to be activated when the device reloads,
and:
• If you do want to reload the device at the end of the operation (and activate the image)—
choose Sequentially, or Parallely from the drop-down list. This option is not available for
Cisco IOS XE devices.
• If you do not want to reload the device at the end of the operation—Choose OFF from the
drop-down list.
If you did not check Insert Boot Command but you want to activate the image, choose Sequentially,
or Parallely.
Note
Cisco IOS XR ,
Cisco NCS 2000
and Cisco ONS
If You choose to perform an ISSU upgrade, choose OFF from the drop-down list. This
option is only applicable to some Cisco IOS XE devices such as Cisco NCS42xx.
• If you do want to activate or reload the image, choose either Sequentially, or Parallely.
from the drop-down list.
• If you do not want to activate the image, choose OFF from the drop-down list.
Note
Note
If you choose to perform an ISSU upgrade, choose OFF from the drop-down list. This
option is applicable to all Cisco IOS XR devices.
If you choose OFF from the drop-down list, the Only image downgrade option is
disabled. This option is applicable to all Cisco NCS 2000 devices.
The activation options are sometimes hidden because the ability to activate images during the distribution process has
been disabled in the Admin settings. To activate images, please return to Inventory > Device Management > Software
Images and click the Activate icon.
Step 9
Step 10
Step 11
Step 12
(Cisco IOS XR devices) Configure the image commit settings. To commit the image in this job, check Commit. If you
want to commit the image later, do not check Commit and then use the procedure in Commit Cisco IOS XR Images
Across Device Reloads, on page 23.
In the Schedule Distribution area, schedule the job to run immediately, at a later time, or on a regular basis.
Click Submit.
Choose Administration > Job Dashboard to view details about the image distribution job.
Note
If the copy task takes longer than two hours, verify your connection speed from Cisco EPN Manager to the
selected device.
What to Do Next
If you encounter the following image distribution error, please configure the device with the commands listed
and try again:
Problem: You encounter the error- 'ssh connections not permitted from this terminal'.
Cause: Device is configured incorrectly.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
19
Manage Device Software Images
Activate a New Software Image on Devices
Solution: Configure the device with the following commands
line vty 0 <number available in the device>
transport input ssh
transport output ssh
<number available in the device> -represents the unique identifier that varies from 15 to over 100 depending
on the IOS version running on the device.
Note
These commands are not supported on Cisco IOS-XR devices.
Activate a New Software Image on Devices
Note
To activate Cisco IOS XR images, you can use this procedure or the procedure in Activate, Deactivate,
and Remove Cisco IOS XR Images from Devices, on page 22 (which performs the deactivate operation
on single devices).
When a new image is activated on a device, it becomes the running image on the disk. Deactivated images
are not removed when a new image is activated; you must manually delete the image from the device.
If you want to distribute and activate an image in the same job, see Distribute a New Software Image to
Devices, on page 14 .
To activate an image without distributing a new image to a device — for example, when the device has the
image you want to activate—use the following procedure. The activation uses the distribution operation but
does not distribute a new image.
Before You Begin
• Before activating or reverting images on Cisco NCS 2000 devices, ensure that you disable all suppressed
alarms on the device. To do this, navigate to the device’s Device Details page in Cisco EPN Manager ,
click the Configuration tab, and choose Alarm > Alarm Profile to uncheck the Suppress Alarm
checkbox.
• If you choose the ISSU option to activate an image that is in bundle mode, you need to reload the device
after activation. To verify if the device is in bundle mode, run this command show version | in image
to check if the image is of the format '.bin'. You can also check the format of the image by looking at
the filename of the image in the Image tab of the Device Details view.
• During activation using the ISSU option, if the device is in subpackage mode, for example, if the image
is of the format ‘bootflash:ISSU/packages.conf’, ensure that you use the same folder to activate the
image. Changing the folder location will cause a failure of the activate operation.
Step 1
Step 2
Step 3
Choose Inventory > Device Management > Software Images.
Click the Activate icon in the Software Image Management Lifecyle widget.
Note
You cannot perform the activation operation when the standby version is lower than the active version.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
20
Manage Device Software Images
Activate a New Software Image on Devices
Step 4
Step 5
In the Activation Source tab, choose Activate from Library or Activate from Completed Distribution Jobs or
Activate from Standby/Alternate Images as required.
If you choose Activate from Completed Distribution Jobs, click the Activate Job Options tab.
In the Activate Job Options window, choose the required settings and go to Step 10:
• Activate Options: Sequential or Parallel
• Continue on failure: Continue the distribution even if it fails on a device.
• Commit: Commit the image on the device post distribution.
• FPDs Upgrade: Field Programmable Devices (FPDs) are hardware devices implemented on router cards that support
separate software upgrades. If you enable this option, FPD image packages will be used for the upgrade.
Step 6
Step 7
Step 8
Step 9
If you choose Activate from Library in the Activation Source tab, then click the Image Selection tab.
If you choose Activate from Standby Image, then go to Step 9.
Step 10
Click the Activate Image tab, and verify whether the selected devices and software images are mapped correctly for
activation. While using standby images for activation, click the Verify Image Selection tab.
Note
When you are activating a standby/alternate image, if the version of the standby/alternate image is lower than
that of the image running on the device, the Verification Status Message column displays in red that you are
downgrading to a lower version.
Click the Activate Job Options tab, and choose the required Activate Job options.
If you choose the ISSU option from the Activate drop-down list, the software image in the device will get upgraded
without need for rebooting the device.
Step 11
In the Image Selection tab, choose the software images that you want to distribute.
Click the Device Selection tab and choose the devices for which the image must be activated.
By default, the devices for which the selected image is applicable are shown. For example, if you choose the Activate
from Standby/Alternate Images option in Step 3, then the Device Selection tab displays only devices such as, Cisco
NCS 2000, Cisco ONS 15454 devices, and Cisco ME1200 devices, which support activation of standby/alternate images.
While activating a standby image, if the selected device supports a downgrade, then the Only image downgrade checkbox
is displayed. Selecting this checkbox ensures that the devices are downgraded only if they support the downgrade operation
(for example in case of Cisco NCS2000 devices) and any specified upgrade operation will fail.
Step 12
Click Submit to activate the software image in the selected devices.
See table below for information on Cisco devices and the protocols they support for image distribution:
Table 1: Cisco Devices and Supported Image Distribution Protocols
Cisco Devices
TFTP
FTP
SCP
SFTP
HTTPS
Cisco ASR1000
Yes
Yes
No
Yes
No
Cisco ASR9000
Yes
No
No
Yes
No
Cisco IOS-XR
Yes
(except Cisco
ASR9000 devices)
Yes
Yes
Yes
No
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
21
Manage Device Software Images
Activate, Deactivate, and Remove Cisco IOS XR Images from Devices
Cisco NCS42xx,
Cisco ASR9XX,
or Cisco ASR
1000
Yes
Yes
Yes
No
No
Cisco ME1200
Yes
Yes
No
Yes
No
Cisco NCS2000
and Cisco ONS
devices
No
Yes
No
No
Yes
Activate, Deactivate, and Remove Cisco IOS XR Images from
Devices
You can perform activate, deactivate, and delete operations on specific devices from the Device Details page.
That view lists all it becomes the running image on the disk.
Before You Begin
Before activating or reverting images on Cisco NCS 2000 devices, ensure that you disable all suppressed
alarms on the device. To do this, navigate to the device’s Device Details page in Cisco EPN Manager , click
the Configuration tab, and choose Alarm > Alarm Profile to uncheck the Suppress Alarm checkbox.
Step 1
Step 2
Open the Device Details page and click the Image tab.
Expand the Applied Images area to display all of the images that are installed on the device.
• Active—Images that devices are actively using.
• Inactive—Images that are added to the boot device but are not activated.
• Available—Images that are physically present on the device but have not been added to the boot device.
Step 3
Step 4
Step 5
Step 6
Identify the image you want to manage, and double-click its Status field. The field changes to an editable row.
Choose the operation you want to perform from the Status drop-down list, then click Save. Your options are Active,
Deactivate, and Remove.
Click Apply above the images table.
Choose Administration > Job Dashboard to view details about the image activation job.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
22
Manage Device Software Images
Commit Cisco IOS XR Images Across Device Reloads
Commit Cisco IOS XR Images Across Device Reloads
Note
For Cisco IOS XR devices, we recommend that you do not commit the package change until the device
runs with its configuration for a period of time, until you are sure the change is appropriate.
When you commit a Cisco IOS XR package to a device, it persists the package configuration across device
reloads. The commit operation also creates a rollback point on the device which can be used for roll back
operations.
If you want to distribute, activate, and commit an image in the same job, use the procedure described in
Distribute a New Software Image to Devices, on page 14 .
To commit an activated image, use the following procedure.
Note
If you are only working on a single device, perform the commit operation from the Device Details page
(click the Image tab, choose the image, and click Commit).
Step 1
Choose Inventory > Device Management > Software Images.
Step 2
Step 3
Step 4
Click the Commit icon in the Software Image Management Lifecyle widget.
Select the devices with the image you want to commit and click Submit. (Images can only be committed if they have
been activated.)
Select the software image you want to activate, then click Submit.
Step 5
Step 6
In the Schedule Distribution area, schedule the commit job to run immediately, at a later time, or on a regular basis.
Click Submit.
Step 7
Choose Administration > Job Dashboard to view details about the image activation job.
Roll Back Cisco IOS XR Images
Rolling back a Cisco IOS XR image reverts the device image to a previous installation state—specifically, to
an installation rollback point. If an image has been removed from a device, all rollback points associated with
the package are also removed and it is no longer possible to roll back to that point.
A rollback job can only be performed on one device at a time. You cannot perform a rollback for multiple
devices in the same job.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
23
Manage Device Software Images
Check the Network Audit for Software Image Operations
Note
Step 1
Step 2
Step 3
Step 4
Step 5
The rollback feature is only supported on Cisco IOS-XR devices such as Cisco ASR 9000 devices.
Choose Inventory > Device Management > Network Devices, then click the device name hyperlink for the device
with the image you want to roll back.
Click the Image tab and expand the Rollback Info area.
Select the software image Commit ID you want to roll back to, and click Rollback. The Rollback Scheduler opens.
If you want to commit the image after the rollback operation completes, check Commit After Rollback.
In the Schedule Rollback area, schedule the rollback job to run immediately or at a later time, and click Submit.
Check the Network Audit for Software Image Operations
To get historical information about device software image changes, check the Network Audit.For more
information on the Network Audit feature, see .
Step 1
Choose Inventory > Network Audit. To filter the results to show only image management operations, enter software
image in the Audit Component field.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
24
Manage Device Software Images
Delete Software Image Files from the Image Repository
Step 2
Expand an event drawer to get details about a device change. For example, if you expand the drawer highlighted in the
above figure, you can see that the image listed in the job was successfully distributed to the device.
Device/Module ID
Distribution Option : ActivatePatches
Distribution Option : BackUpCurrentImageFetch
Distribution Option : CfgXferProtocolOrder
Distribution Option : Commit
Distribution Option : DeviceUpgradeMode
Distribution Option : HaltUponError
Distribution Option : ISSUUpgrade
Distribution Option : ImgXferProtocolOrder
Distribution Option : InsertBootCommand
Distribution Option : JobDirectory
Distribution Option : RebootImmediately
Distribution Option : RebootMode
Distribution Option : SCPDirectory
Distribution Option : SkipDistribution
Distribution Option : TftpDirectory
Distribution Option : TftpFallback
Distribution Option : UpgradeMode
Distribution Option : UseSSH
Operation
Running Image File Name
Running Image File Name
544544
Yes
No
TELNET, SSH
No
currentlyExists
No
No
SCP,SFTP,FTP,TFTP
No
/opt/CSCOlumos/conf/ifm/swim/jobs
No
Sequential
/localdisk/sftp
No
/localdisk/sftp
No
Sequential
Yes
Starting distribution of image to device
asr903rsp1-universalk9_npe.03.13.00.S.154-3.S-ext.bin
asr903rsp1-universalk9_npe.03.13.00.S.154-3.S-ext.bin
Delete Software Image Files from the Image Repository
Software images can only be manually deleted from the image repository; Cisco EPN Manager does not
perform any automatic purging of the image repository. If you have sufficient privileges, you can use the
following procedure to delete software image files from the image repository.
Step 1
Step 2
Step 3
Choose Inventory > Device Management > Software Images.
From the Software Images Summary panel on the left, select the images that you want to delete.
Click Delete.
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
25
Manage Device Software Images
Delete Software Image Files from the Image Repository
Cisco Evolved Programmable Network Manager 2.1.2 User and Administrator Guide
26
Download PDF
Similar pages