Is it possible to restrict a firmware upgrade template to a specific machine type?

I setup multiple firmware upgrade templates. They work great, most of the time...

We have our NOC staff scheduling and starting the firmware upgrades. Since they are doing these in the hundreds some human error is expected. Unfortunately twice they have selected the wrong device (different machine type requires a different firmware) for a firmware upgrade.

Since we do need to delete the old firmware to create space in both cases the old firmware was deleted fortunately it was noticed before the devices were rebooted but it was mostly luck, so these two times we were able to just put the old software images back on them without a site visit.

Any thoughts how to limit the firmware upgrade template to a certain machine type so this kind of human error can't occur?

If its not possible currently should we ask for it as a feature request, would it help others?

  • Maybe true but definitely not a solution.

    A work around is to not allow the firmware upgrade template to auto-detect the old firmware path. Instead for the delete firmware field enter in the neccessary commands to delete any potential old software file running on the valid machine type. Assuming that the machine type to be upgraded has a variety of software versions currently running that are not your target version this may be a long string: delete old-sw-option-1, enter, delete old-sw-option-2, enter... 


    A caveat is that none of the old software image/options can be running on any device that is not the target machine. Example you cant be upgrading from a software file which runs on both a target machine to be upgraded and a non targeted machine otherwise selected the wrong device could still delete a software file which you need.

    This will however stop the template running on an incorrect device, auto-detect its software, and delete a software file that has nothing to do with the software you are upgrading from. Not ideal solution so I hope we can get more responses/options but its something.

  • I have been Looking for this for a very very very Long Time.Not Ideal Solution so I hope we cam get more responses but its  something. I need help

  • I think you can define the device types within the Firmware Repository definitions.

    Ignore my list because this is just a lab environment with no Cisco gear.

  • Very interesting. From my testing that doesn't seem to have any impact on the firmware upgrade job. I added two machine types to a specific image in the firmware repository and than attempted running a firmware upgrade job using a template which refers to the image with the machine types added. I targeted a device which is a machine type that was not listed or added to that image in the firmware repository and it executed without any warning or error that I saw up until the point that it failed in the verification checks that I put into the template. 

    Since we can do verification checks before the reload occurs we can catch these problems when the job eventually errors but it would be alot better if the firmware image was restricted so a job or template using that firmware image could not run/target a machine type which is not allowed.

    thank you for the response by the way I was very excited to try it! Do you think that I should put a support ticket in as this should be limiting what devices are targeted or that adding the machine type to the firmware image is used for some other purpose? Let me know your thoughts when you have time or if you have any other ideas. Thank you in advance! 

  • I would check the official documentation.  If this is "supposed" to block mismatches, then I'd open a support case.

    Maybe you should put a feature request in NCM to enable this kind of blocking.