In a lab environment it might be handy to quickly rollout new (virtual) routers without much manual intervention. The following script creates a VirtualBox-VM and boots it up. Prepare Install VirtualBox and have a CSR1000V-ISO-File ready. Execute The Inventory populates: Use it After another reboot the serial console can be accessed by a windows pipe: The pipe provides access to the serial-console:Read More →
It’s a two step process to get rid of insecure username/password-authentication. Generate a RSA keypair at your SSH-client btw. Cisco-IOS doesn’t support DSA-keys Configure your network device(s) to assign the (public-)key of this keypair to an user-account This user-account could get privileges from a Radius/TACACS+-Server which could provide access-logs, too. Generate RSA-Key: Windows as SSH-Client I prefer Putty, usually in form of „mRemoteNG“, so i use PuttyGen to generate the RSA keypair. Windows.Start => PuttyGen (x) RSA, 4096-bits are supported, use it [Generate] move the mouse to improve the randomgenerator change the „comment“ – for example replace it by an username add a passphrase –Read More →
Background: Python-Requests wants to verify https-certificates, which makes sense to me. – but my VCenter uses a self-signed Certificate Don’t think about ignoring certificate errors 😉 Prerequisites Download the certificate from the VCenter: Install the certificate: Now Python.requests validates the vCenter: Add the Export to ~/.bashrc at the end of the fileRead More →
…this article should have been published at 2017-11-23, i forgot to press the right botton. So, an update might be needed, anyone still interested in cot today? Release 2.1 (2018-01-29) is the current release, containing some fixes (https://github.com/glennmatthews/cot/blob/master/CHANGELOG.rst) COT installation using PIP So, let’s go, following thats embarassing. Install PIP first Try it again Optional: Argument-Completion Not essential, but handy. COT helpers A full installation requires so called „cot-helpers“ to use all features. first fix „fatdisk“ which is used to inject configs into OVA-Files uncomment to and run the helper-installation again: But it threw a lot of warnings.. warning: format ‘%lu’ expects argument of typeRead More →
A new linux-VM takes ages to boot: it waits for 2 minutes for the network to come up Whats the reason for the delay? „routable“ interfaces with not router-address provided by the dhcp-service never come up for the „networkd-wait-online“-service. find more information at GitHub Issue 3752 – systemd-networkd can’t configure interface if dhcp server does not provide routers State: forever „configuring“ not „configured“ Background information „enp0s3“ is a virtual-box „host-only“ network with no routing provided Action Plan: „Set this interface to not be checked.“ locate the systemd-unit-file: Path: /run/systemd/generator/network-online.target.wants File: systemd-networkd-wait-online.service Edit (sudo) file add „ignore“-Option docs: networkd wait online service The service specific configurationRead More →
It should be easy, and it is – but no single-command installation: Look at the Ubuntu Packet-Search for Ansible: it’s in the „universe“-repository Add the „universe“-repository: Now it works: Which version? as „packages.ubuntu.com“ said: 2.5.1Read More →
Just added a second NIC to a Linux-VM… new config-style – new luck 🙂 Ok, it seems to be easy to get back to good-old network-config-style. But after reading https://netplan.io/examples this seems to be very handy. The initial „netplan-file“ references only the initial NIC: What’s the ID of the new NIC? it’s „enp0s8“ Create a backup Modify the Netplan-File: Activate the new Config: Verify the resultRead More →
Today i wanted to stop using hard-coded S3-Credentials in my scripts running on EC2-Instances. Create an IAM-Role Services IAM Roles [Create Role] Select type of trusted entity AWS-Service EC2 [Next: Permissions] Attach permissions policies AmazonS3ReadOnlyAccess Review Role name: READ_S3 Attach Role to EC2-Instance Services EC2 Instances Instance Settings attach IAM-Role READ_S3 Prepare Linux Setup Within the EC2-Instance to which the IAM-Role has been attached. Check Access to „meta-data“ => „IAM“ => „Security-Credentials“ The Script has to know the name of the role to use. Fetch the IAM-Role-Credentials using python.requests() Attention: recreated the Role in the meantime, so the credentials have been modified. Use the credentialsRead More →
The CSR1000V-Router has already been prepared (Create a CSR1000V-Instance with nested Virtualiation support) and in (Part 4: Package the Service-VM into an OVA) we copied the OVA-Image of our „ubuntu-server“-VM to this Router. Add the internal Network-Interface between Router and Service-VM Install the Service-VM Activate the installed Service-VM Access the VM using the (virtual) Serial-Console Logout: 3x [CTRL]+ Access the VM using SSH via the internal Network Check the local python/NAPALM-Setup to get facts about the containing routerRead More →
Designed using Dispatch WordPress Theme. Powered by WordPress.