Deploying an OS image

A Deploy OS Image action loads an OS image binary or binaries to one or more devices. You can load an image from the following locations:

A disk file on your local desktop
The OS Image Library
A device's previously active image
A disk file on a remote file server

For the first three cases, the OS image is stored in the TrueSight Network Automation database, and the file is copied from the device agent to the device; this configuration is referred to as a local image. In the fourth case, the image is located only on the remote file server, and the file is copied from the file server to the device; this configuration is referred to as a remote image.

Note

OS images included as files in the Deploy OS Image span actions must be less than or equal to (<=) 1GB.

This section contains the following topics:

Deploy OS Image tips and tricks

It is critical to ensure the Admin > System Parameters > Timeout for Image File Transfers value is set to accommodate the transfer of your largest image size and slowest WAN connection between the device agent and the device, and between the remote file server and the device.
Perform a Snapshot OS Image span action if the current device's OS binary is not currently stored in the local or remote OS Image Library (optional, but recommended). This action ensures that the image is available if a rollback is required, and will ensure optimum performance during the deploy action (because the system will skip taking a snapshot of the current binary when it detects that the image is already stored in the library). It also gives you the opportunity to troubleshoot failed snapshots separately (such as a too-short file transfer timeout) because the deploy action will ignore such failures.
Determine the location from where the OS image will be loaded:
- OS Image Library: OS image must be added to the library in advance.
- Image file: File or files must already be downloaded onto your client workstation.
- Prior image installed at a specific date/time
- Remote file server: File or files must already be downloaded onto the remote file server.
Ensure that the image to be deployed and the existing image in the device are of the same type. Network Automation cannot deploy an OS image if the image types are different. For example, in case of Cisco IOS device types, it cannot deploy a bin if the archive type is detected on the device and vice-versa.
Network Automation cannot deploy an image if existing image in a device is of archive type or if existing image in device in non-archive style i.e .bin file.
When loading a vendor's OS image file, follow these steps:
1. Verify from the vendor that the OS image is compatible with the device model. Some devices (such as Cisco IOS) do not verify that a file declared to be an image actually is one; ensure that you do not mix up your image files.
2. Get the device memory requirements (for example, 32MB) for the image and verify that sufficient memory is available on the target devices. For Cisco IOS, IOS XR, and Nexus, the total, used and free memory is available in the Device View (by clicking the device name) and Device Inventory report.
3. Get the Message Digest (MD5) from the vendor for the image. Network Automation verifies the MD5 when loading the image to the library and after loading the image to the device.
4. If needed, get the activation key for the image (for example, Cisco ASA/PIXOS).
5. Determine the device's target file system for loading the image. Based on the device file system size, decide whether you need to delete the current OS image. For Cisco IOS Switch/Routers, the total, used, and free flash is available in the Device View (by clicking device name) and Device Inventory report. If you select the option to never delete the current OS image, Network Automation loads the OS image only when sufficient space is available.
When loading to a Cisco Nexus device, you can specify one, two, or three image files, to allow you to load the system, kickstart, or policy agent images or all three. You can choose any combination of images depending on what the vendor has updated. Each file will be transferred to the device individually, so the Timeout for Image File Transfers system parameter needs to be long enough to account for the largest single file transfer (not for all three file transfers combined).

Pre-load checks

Network Automation performs the following checks before loading an OS image:

When the user selects an image from the OS Image Library, the system verifies the image compatibility with the device's model and device type.
For devices that support discovery of memory sizing, the system compares the entered memory footprint against the amount of total memory in the device. If the image memory footprint exceeds the device's total memory, the image load is aborted.
The system discovers the total and available size of the existing image file systems within the device. The user has the option to delete the current OS image to make room for the new image. If the size of the image file that the system is attempting to load is greater than the target files ystem's available space, the image load is not attempted.
For a local image, if the device's current OS image is not in the OS Image Library, the system automatically takes a snapshot of the device's current OS Image and puts it into the library before deploying the new image. If for some reason the image deploy attempt fails or you want to rollback in the future, the prior image is available to recover.

Post-load checks

Network Automation performs the following checks after loading the OS image:

When supported by the device, performs a MD5 checksum on the new image file loaded to the device's file system to ensure that the image has not been corrupted during the transfer.
Updates the configuration file for the new boot sequence. For example:
- For Cisco IOS:
  no boot system oldImageFileSystem:oldImageFilename
  boot system newImageFileSystem:newImageFilename
- For Cisco CatOS
  If the old image was deleted:
  clear boot system flash oldImageFileSystem:oldImageFilename
  set boot system flash newImageFileSystem:newImageFilename
  If the old image was not deleted:
  set boot system flash newImageFileSystem:newImageFilename prepend
If the user specifies a reboot on the Deploy OS Image action, Network Automation checks the OS update execution by restarting the device to the new OS and performing a configuration snapshot. The snapshot does a discovery, so it performs the following actions:
- Backs up the configuration (to force a snapshot because of a new OS)
- Updates the OS version and OS release data for the device
- Updates the OS image history for the device

Additional notes for Cisco 6500 Hybrid Mode (CatOS on the Supervisor Engine and Cisco IOS Software on the MSFC)

The OS Image Deploy and Snapshot operations rely on the following conditions:

The Multilayer Switch Feature Card (MSFC) must be an independent node on the network that can be accessed like any other device, that is, log on, snapshots, and so forth.
The MSFC can have its current system image on its local bootflash or on the Supervisor Engine Personal Computer Memory Card International Association (PCMCIA) card (sup-slot0:-).
Network Automation supports loading the MSFC boot system image only; Network Automation does not support loading the boot loader image.
When the MSFC stores its image on its own bootflash, it behaves like any other IOS device during OS Image Snapshot or Deploy.
When the MSFC stores its image on the Supervisor Engine:
- The user name, password, and privileged password used to log on to the MSFC must be the same as that on the CatOS Supervisor Engine.
- The Supervisor Engine must be running in slot 1 so that the MSFC command session slot 1 processor 1 reaches it.
- The Supervisor Engine's CatOS must prompt for login user name, login password, and privileged password (that is, must not skip any prompts).

To run a Deploy OS Image action

On the Add Job page, select Add Actions > Span Actions > Deploy OS Image.
Enter information in the following fields:

If you selected to load From Remote File Server, enter information in the following fields; you may specify one, two, or three files:

Field	Description
Image File Type	Choose the type of image that this file contains; for most devices, System is the one and only type of image that is supported. Cisco Nexus also supports Kickstart and Policy Agent. By specifying the correct image file type, the system can build the appropriate image installation command line.
Remote File Name	Enter the name of the file on the remote file server. This file must be stored where the file transfer server and the associated user can access it.
Message Digest(MD5)	Enter the vendor-supplied MD5. The system verifies that the MD5 matches the data in the file, and verifies that it matches the image file's contents after it is transferred to the device.
File Size (bytes)	Enter the size of the file in bytes, because the system has no access to the file data to calculate this value automatically. The system verifies that sufficient space is available on the device to store the file.
Remote File Transfer Mode	Specify how the file is to be transferred from the remote file server to the device. The remote file server must be running the correct file transfer service or daemon for the selected transfer mode. For FTP and SCP, the logon credentials are included in the remote file server definition.

Select any of the following options:
In the Reboot Options field, specify a reboot option for the Deploy OS Imageaction:
- Commit Changes Prior to Reboot: Default. Execute a Commit action before the reboot to save the Running configuration to the Startup configuration.
- Do Not Reboot: Only load the new OS image file or files; do not reboot to activate the image.
- Ignore Uncommitted Changes and Reboot: Force the Startup configuration to overwrite the Running configuration. Running configuration changes are not saved.
In the Delete Current OS Image field, specify what must be done with the current OS image binary installed on the device. For all the options, Network Automation first checks to see whether the image being loaded is larger than the entire target file system. If so, the load is terminated with an error. Also, current image deletion occurs only when you select to load the new image to the same file system (that is, choose Default as the target file system).
- Only When Free Space Required: Network Automation checks to see whether there is sufficient space for the new image. If sufficient space is available, the current image is not deleted. Otherwise, Network Automation checks to determine if deleting the current image results in sufficient space for the new image. If not, and if the device supports erase file system (for example, Cisco IOS), Network Automation erases the file system and loads the new image; otherwise, the load is terminated with an error.
- Never: If the size of the image being loaded is more than the available file system space, the load is terminated with an error.
- Always: Network Automation checks to determine whether deleting the current image results in sufficient space for the new image. If not, and if the device supports erase files system (for example, Cisco IOS), Network Automation erases the file system and loads the new image; otherwise, the load is terminated with an error.
Note
- If the current image has been deleted and there is an error loading the new image, the current image is reloaded along with the configuration file before the load attempt is abandoned on the device, so that the device is in its original state.
- If the current image has not been deleted, its reference is retained in the configuration file so that the device is booted with the current image, in case the new image is corrupted.
In the Target Image Filesystem field, select where to store the new OS image on the device. Default means to store it on the same file system where the current image is stored.
Click Save to add the action to the job.