This documentation helps network administrators and support personnel install install and manage Aruba, Dell, and Mellanox network devices in a CSM install.
The HPE Cray recommended way of configuring the network is by using the CANU tool. Therefore this guide will not go into detail on how to configure each switch manually using the CLI. Instead, it will give helpful examples of how to configure/use features generated by CANU, in order to provide administrators easy ways to customize their installation.
Also included in this guide are the current documented and supported network scenarios.
NOTE
Not every configuration option is covered here; for any configuration outside of the
scope of this document, refer to the official
Aruba, Dell, or Mellanox user manuals.
This document is intended for network administrators and support personnel.
NOTE
The display and command lines illustrated in this document are examples and might not
exactly match any particular environment. The switch and
accessory drawings in this document are for illustration only, and may not exactly match installed
products.
If CSM has been installed and Vault is running, add the switch credentials into Vault. Certain
tests, including goss-switch-bgp-neighbor-aruba-or-mellanox
use these credentials to test the
state of the switch. This step is not required to configure the management network. If Vault is
unavailable, this step can be temporarily skipped. Any automated tests that depend on the switch
credentials being in Vault will fail until they are added.
(ncn-mw#
) Write the switch admin password to the SW_ADMIN_PASSWORD
variable if it is not already set.
The use of
read -s
is a convention used throughout this documentation which allows for the user input of secrets without echoing them to the terminal or saving them in history.
read -s SW_ADMIN_PASSWORD
(ncn-mw#
) Run the following commands to add the password to Vault.
VAULT_PASSWD=$(kubectl -n vault get secrets cray-vault-unseal-keys -o json | jq -r '.data["vault-root"]' | base64 -d)
alias vault='kubectl -n vault exec -i cray-vault-0 -c vault -- env VAULT_TOKEN="$VAULT_PASSWD" VAULT_ADDR=http://127.0.0.1:8200 VAULT_FORMAT=json vault'
vault kv put secret/net-creds/switch_admin admin=$SW_ADMIN_PASSWORD
To check the current state of the switches, see Upgrade.
1.0 Config
: Non-generated switch configurations1.2 Preconfig
: CANU-generated configurations for CSM 1.01.2 Config
: CANU-generated configurations for CSM 1.2Situation | Link |
---|---|
Upgrade CANU to the latest version | Install/Upgrade CANU |
Upgrade to CANU-generated configurations from non-CANU-generated configurations | Upgrade |
Current switch configurations are CANU-generated and need to go to 1.3 | 1.3 (Preconfig) to 1.3 |
Switches have no configuration on them | Fresh Install |
Reinstalling the same CSM version | Re-install |
New hardware was added to the system | Added Hardware |
Switch failed and needs to be replaced | Replace Switch |
The user guides contain information such as generic configuration examples, explanation of currently used technologies, topology maps, and a summary of the network design used in the CSM management network.
See CSM Automatic Network Utility (CANU).
Page | Description |
---|---|
Collect data | Input data needed to generate switch configurations |
Cable Management Network Servers | Shows how servers in CSM should be cabled |
SHCD HMN Tab/HMN Connections Rules | Shows how the HMN tab on the SHCD should be formatted |
SHCD Connection Rules | Shows how the all tabs on the SHCD should be formatted EXCEPT the HMN tab |
Backup Custom Configuration | Shows users how to backup configuration that is custom to their system; this includes site connections and credentials |
Configuration Management | Shows users how to save a running configuration to the switch for backup purposes or to switch between different switch configurations |
Validate Switch Configuration | Compares the configuration on a running system to what is generated |
Wipe Management Switches | Erase the switch configuration; this is useful for fresh installs |
Generate Switch Configurations | Generate configurations for all management switches |
Manual Switch Configurations | Some configuration needs to be done manually (authentication/SNMP) |
Validate SHCD | Validate the SHCD against the CSM network architecture |
This release applies to the following product models:
8320
switch series8325
switch series8360
switch series6300
switch seriesSN2100
switch seriesSN2700
switch seriesS3048-ON
switch seriesS4148T-ON
switch seriesS4148F-ON
switch seriesFor architecture and naming convention information, see Cray Network Architecture model.
These sections list enhancements, fixes, and known issues for this version of the Shasta management network.
Software enhancements are listed in reverse-chronological order, with the newest on the top of the list.
Unless otherwise noted, each network version listed includes all enhancements added in earlier versions.
In the Shasta management network version 1.2, Spanning-tree configuration is changing from RPVST (RSTP) to MSTP, in order to allow for better vendor interoperability and simplified Spanning-tree configuration. The new default configuration is as follows:
The following are known open issues with this branch of the software.
The Symptom statement describes what a user might experience if this is seen on the network. The Scenario statement provides additional environment details and trigger summaries. When available, the Workaround statement provides a workaround to the issue.
Known and fixed issue are listed in the CANU release notes. See CANU releases.
To initiate a subscription to receive future HPE Security Bulletin alerts via email,
see the HPE Support Center
.
A Security Bulletin is the published notification of security vulnerabilities and is the only communication vehicle for security vulnerabilities.