By:
On:
In: automation, linux
With: 0 Comments

The CSR1000V-Router has already been prepared (Create a CSR1000V-Instance with nested Virtualiation support) and in (Part 4: Package the Service-VM into an OVA) we copied the OVA-Image of our „ubuntu-server“-VM to this Router. Add the internal Network-Interface between Router and Service-VM Install the Service-VM Activate the installed Service-VM Access the VM using the (virtual) Serial-Console Logout: 3x [CTRL]+ Access the VM using SSH via the internal Network Check the local python/NAPALM-Setup to get facts about the containing routerRead More →

By:
On:
In: automation, linux
With: 0 Comments

Create the „Ubuntu Server“-VM using KVM on top of the „Ubuntu Desktop“-VM Run the „Virtual Machine Manager“ Create a new virtual Machine: (1) Create a new virtual Machine (2) Select the Installation ISO * and deselect „auto OS Detection“ (3) Choose Memory and CPU Settings (4) Create a virtual Hard-Disk for the VM (5) Give a name to the VM Boot the KVM-VM („Ubuntu Server“) Basic Setup: Language: Englisch my territory: other/Europe/Germany locale: en_US.UTF_8 Keyboard: German hostname: ubuntu-server user / password no home-directory encryption timezone Europe/Berlin use entire virtual disk (no need for „LVM…“ i think) no HTTP-Proxy no automatic updates [x] SSH-Server install GRUBRead More →

By:
On:
In: automation
With: 0 Comments

Yesterday I attended a short presentation held by David Barroso introducing the NAPALM-„Validation“-Module. Configuring the Network fully automated is just half the way to go. Checking the Network-State the other half. Python-Script Had to try it out the easy-way using just python (without ansible) first: Static YAML-File Validating against the following static „validate.yaml“-File: leads to the following result Whats wrong with the Router? „nested = True“ means – the issue is downward in the datastructure. In the example, the first Object with „nested = False“ is „prefix_length“ The Prefix-Length („Subnet-Mask“) is wrong: wanted: /25-Bit configured: /24-Bit. Validate the output of commands which use additional parametersRead More →

By:
On:
In: automation, linux
With: 0 Comments

Network Hosted Kernel Virtual Machine (KVM) Many Cisco Routers allow you to host your own virtual machine directly inside a router. DevNet: Cisco IOS KVM Service-Containers CSR 1000v ISR 4000 ASR 1000 I went through the documentation, especially Service-Containers-Tutorial.pdf and Ubuntu – Building a Service Container.pdf where very helpful. But i didn’t want to go the „Ubuntu-Desktop-14.04-LTS“-way which was described. „My“ Service-Container-VM should be: Ubuntu 16.04 LTS provides longer support (April 2021) Releases – Ubuntu Wiki Ubuntu Server save some compute/cpu/dram/harddisk-ressources by not installing an Ubuntu-Desktop-Environment inside the Router. Just network services, please! The whole deployment process can be accomplished in five steps: build aRead More →

By:
On:
In: automation
With: 0 Comments

No. There’s no need to export the IOS-Config, deploy another Router-VM using an OVA and import the old IOS-Config to this new router. even, if finetuned… This strategy might lower the downtime!? VMware uses this strategy when upgrading NSX-Edge-Gateways very successfully! But this is a lab environment, i’ll have to upgrade almost ten CSR1000v-Routers and there’s no time to do it manually router-by-router. The common process is as it has been for the last decades: copy the new csr1000v-bin-File into the routers bootflash verify the file set the boot-variable reboot Upload BIN-File into the routers There might be dozens of valid possibilities to get theRead More →

By:
On:
In: automation
With: 0 Comments

I usually use an „wr“-command-alias, an EEM-Applet or the IOS-Archive-Feature to copy the running-config to a central repository when an admin enters the „write“-command [copy running-config startup-config]. Sometimes it’s handy to pull the current running-config from a device. Following Centralized access to device-configuration and other state-information using NAPALM – NAPALM makes this very easy:Read More →

By:
On:
In: automation
With: 0 Comments

Is this SDN (Software defined Networking)? I think so! I really love to provision new Cisco CSR1000v lab-routers without the need to do everything manually in the graphical user interface. It’s possible to provision production-routers, too, of course: Just add your license-information to leave the 100Kbps-limit behind (which is no handicap for normal lab-usage). The Common OVF Tool (COT) (Documentation) enables me to do this by injecting an initial startup-configuration into the cisco-provided OVA-file before deploying it to an ESXi-host. Interactive Cisco CLI-Commands possible And, even better, the Cisco CSR1000V allows interactive CLI-commands within the injected configuration: building new bootflash-directories, creating a SSH-key. Injecting theRead More →

By:
On:
In: automation
With: 0 Comments

In Configure RMON Alarms&Events by script I’ve shown a short python-algorithm to to discover all Cisco class-based QoS (cbQoS) packet-/drop-counters and to generate RMON-alarms for each. The router monitors these counters every 300s, calculates the delta for the interval and raises RMON-events when there were packets/drops or when the have been before but not anymore. This RMON-event has been configured as an syslog-message to an syslog-receiver etc. The existing script just generated a list of cli-commands which had to be entered manually to the router-config. Not a valid aproach when having hundreds devices to be configured. Now i want the script to automatically configure theRead More →

By:
On:
In: automation
With: 0 Comments

Since I still want to build a centralized solution for automated configuration of RMON-alarms to monitor Cisco cbQoS-packet/drop-counters a solution to retrieve and modify device configurations was needed. The NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support) Framework seems to provide the required features. NAPALM Installation Some NAPALM-IOS dependencies have to be fulfilled first. The „partial installation“ seems to be not working anymore, the full installation uses some KB more ressources, not worth to think about the partial installation… IOS Preperation To allow remote-access to the centralized NAPALM server these features need to be enabled in each IOS device: Remote-Access via SSH, SCPRead More →