Firmware Updates on Cisco C220M3 Servers, Flash & Java

TLDR

To Update Firmware:

-use a really old web browser that has Flash Support, I use Mozilla that is built into Parted Magic circa 2017, log into the CIMC

-launch the remove KVM, feature, save the JNLP file to an USB thumb drive

-run that java file on a computer that has Java installed, after adding the IP of the CIMC into the security exceptions control panel, within 90 seonds of downloading it, else it times out.

-Activate Virtual Boot Devices, mount the ISO, power on the server and choose "Cisco mapped vKVM DVD"

LONG VERSION

Cisco makes some really rock solid hardware, and rightly so considering the price one pays.  However Cisco (among others) is not best at providing support in the form of firmware and driver support equipment after they deam them are End-Of-Life.   

Cisco's version of IMPI is known as CMC (Cisco Interface Magagment Console?), much like HP's ILO and Dell's iDRAC.  It workes(ed) quite well.  Lots of details, configurations, and statistics.  However It was built on Adobe's Flash technology and the remote IP based KVM is based on Java.  Several years ago 2017 is when Flash was set to be sunsetted, for security reasons.  Cisco's response was basically more or less: "meh, if you want to run 5 year old servers, you are on your own, buy new stuff".

<taken from Cisco Support site>

Support for Web UI Interface on Cisco UCS M3 Rack Server Software Post Flash Deprecation

The Cisco Cloud and Compute organization at Cisco expects that the Web UI interface of UCS M3 Standalone Rack Server Software – Cisco IMC – will not be accessible on future versions of web browsers that are going to deprecate support for Flash Player based content.

Cisco started shipping UCS C-Series and S-Series M3 Servers in 2012 and announced in 2015 and 2016 the EOL of all M3 rack server models, before Adobe announced the EOL of Flash Player support in July 2017. While we will continue to provide applicable service and support such as critical security fixes via patch releases for M3 servers through the End of Support date in December 2021, we do not plan to retrofit UCS C-Series and S-Series M3 platforms with HTML5-based Web UI interface for Cisco IMC.

Well now, that is just great.  Yes these servers were released to the market around 2012, and when Flash was set to die they would have been roughly 5 years old, and outside of the normal 3 year warranty window.  Making them roughly 10 year old machines at the time of post.  This wouldn't have been to bad of an issue, but browsers and operating systems have made it next to impossible to use Flash and hard to use Java.  So manufactures like Cisco made servers with feature we could no longer use, and decided to not give its customers a viable alternative.

Some driver and firmware updates have trickled through, thank you Cisco, however we have issues.  In order to obtain firmware updates, one must have a current Cisco Support contract!  The downloads are essentially behind a pay-wall!  Boo!  

Then assuming one can obtain the firmware ISO, the normal thing to do is to write the image to a USB thumb drive, boot the server from that thumb drive which loads a specialized Linux environment to do the updates.  However nearly every version yeilds some sort of error during the boot process.  I literally tried six version and different ways of writting the ISO's, each had a different failure.

Ok well when one logs into the CIMC there is an option to update the BIOS and some firmware.  However when pointing this feature to the various files on that thumb drive (derived from the ISOs) web interface complains.  

I found on another internet resource that this says this is somewhat common, and the solution is to boot server to the ISO image, that is mapped through the virtual IP based virtual KVM.  Interesting, but the problem with that is what I wrote previously; to get at the IPvKVM one needs to use both Flash and Java!  

So my work around was to boot to a workstation to an old copy of PartedMagiv, which has an old copy of Mosilla on it which does support Flash and allows one to log in and do the normal things!  Great!  However it does not have Java  I spent sometime attempting to get Java installed and gave up.  Perhaps it would have worked if this was a traditonal Linux install vs a "rescue USB boot environment".  


Click the launch virtual KVM link, download the .jnlp file.  Take that file and get it to a different computer that has a Java installed, and has the IP of the CIMC placed in the security exceptions tab. Launch the JNLP file.  Activate virtual boot devices (this allows for the server to boot to devices through the vKVM).  Mount the ISO as a DVD.  Power on the server, press F6 to get to the boot menu and choose Cisco vKVM vDVD.  Just to re-explain that, we are using the virtual KVM software, to present the ISO image as a DVD drive to the physical server.  Also from the time one downloads the Java file to launching it, there is a timeout; if one doesn't launch that JNLP file in something like 90 seconds it won't work and it will have to be re-downloaded, re-transfered, and re-launched.
The server will boot into the update environment and all will be well.  Be really patient as it will take a really long time to load.  I have no idea what is different about how this proceedure works, but yet booting off oa USB thumb drive fails in the process.  

If anyone else has tips or tricks for dealing with managing hardware that requires Adobe Flash and Java please comment bellow.

No comments:

Post a Comment