6100 / Fabric Interconnect factory reset

Unanswered Question
Mar 2nd, 2010
User Badges:

I've been running a UCS setup through its paces, and one of the questions that came up is the process of sanitizing a system to ensure no corrupt or malicious software or configurations are present. The objective is that erasing the configuration and firmware would suffice. Howver the only note regarding this that I have found pertains to "init system" which apparently erases bootflash:


Normally I wouldnt care, but there is information in that location (pnuos, nuova stuff etc) that I have been unable to locate online. Hence I am somewhat in a conundrum - can I wipe these files ? If not how do I reset the system back to factory (eg not just nuking the config) ? These files must exist somewhere since the mechanism to perform this action exists from the loader prompt.


Any proceedure or rough guide would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Robert Burns Tue, 03/02/2010 - 22:55
User Badges:
  • Cisco Employee,

Running an "init-system" is a highly destructive change and should only be performed on the direction of Cisco TAC.  Access to this command requires back end access via a plugin which is only available to TAC.


For erasing a system you can use "erase configuration" or "erase samdb" from the local-management context.


Regards,


Robert

Risar29401 Tue, 03/02/2010 - 23:17
User Badges:

There is nothing about getting access to the loader that requires a TAC. The information on how to do that is included in almost every UCS or Nexus management paper / book or datasheet out there (its required for certain things, like password recovery). The commands included in the bootloader are not hidden at all, and the "init system" command is actually adressed in a number of places for the UCS, Nexus 7k, MDS9k etc etc.


So the question goes back to my original point - unlike the Nexus or MDS the UCS has some custom stuff there, but it does not appear to be downloadable. Since some organizations require the ability to fully wipe a device this capability should be there as you can clearly (its even documented) boot from a network device once inside the loader I know its possible - its just a matter of what the order is. (I assume you need more than just the system & kickstart for this).

kar-wai.chin Mon, 03/08/2010 - 07:36
User Badges:

I think you can utilize the write erase command in the CLI and reload the switch. It will go back to the setup prompt to allow you setup from scratch again

Christian Eck Thu, 03/11/2010 - 01:50
User Badges:

Hello,


have you tried erase system configuration in local mgmt ?

tenaro.gusatu.novici Fri, 07/30/2010 - 07:59
User Badges:

Hi there,


I've just received UCS system, did password recovery, loaded the system, logged in via console port and CLI is not accepting "write erase" command. Yes, I would like to clear previous config and start from begining, just as I received brand new UCS. Any advice?


Thanks,

Tenaro


SORRY, I should read more carefully. I've tried this from that special mode (by loading kickstart image) and seems like some config is deleted by system still remembers the password and system name. How to start setup wizard from CLI?

Martin Beckman Fri, 09/28/2012 - 07:26
User Badges:

issue the "connect local"

then issue "erase configuration"

then cry when you realize you just reset the production systems.

Actions

This Discussion

Related Content