In real life an hardware-ISR/ASR-Router might be the correct choice.
Create a CSR1000v-Instance with nested Virtualization support
But since the CSR1000v-Router supports Service-Containers, too – this is the chance to prove the setup in a lab environment:
- IOS-XE 3.17 is the first supported release, i’ll go with IOS-XE 16.7.1
- Option to enable unsigned containers
- any 3rd party KVM
- Libvirt based format / YAML manifest file
- Requires 4GB+ dedicated RAM
- ASR1000, ISR4000, CSR1000
5 Minutes to deploy the virtual CSR1000v-Router using COT
I’ll use COT (Common OVF Tool (COT) – Automated Lab-Router Deployment) to deploy my CSR1000v-Router:
user@ubuntu-server:~$ cot inject-config csr1000v-universalk9.16.07.01.ova -c ios-napalm.startup.cfg -o csr1000v-universalk9.16.07.01.napalm.ova Add disk file to existing (but empty) cdrom drive? [y] NOTICE : Overwriting existing disk Item in OVF cot --verbose deploy csr1000v-universalk9.16.07.01.napalm.ova esxi <VCENTER-HOST/IP>/<DATACENTER>/host/<ESXi-HOST/IP> -u <USER> -p <PASS> -n RTR-SERVICE-CONTAINER -d <DATASTORE> -S "telnet://:41001,server" -N GigabitEthernet1="Management" GigabitEthernet2=T24 GigabitEthernet3=T34 -c 2CPU-8GBBoot the Router
Check the Virtualization-Environment: fail 🙁
- Machine types disabled : KVM
SERVICECONTAINER# show virtual-service Virtual Service Global State and Virtualization Limits: Infrastructure version : 1.7 Total virtual services installed : 0 Total virtual services activated : 0 Machine types supported : LXC Machine types disabled : KVM Maximum VCPUs per virtual service : 1 Resource virtualization limits: Name Quota Committed Available -------------------------------------------------------------- system CPU (%) 75 0 75 memory (MB) 3072 0 3072 bootflash (MB) 20000 0 5554i forgot to enable nested-virtualization for the CSR1000v-Router-VM.
Action Plan
- Power-down the VM („Shut Down Guest“) again
- edit Hardware (Web-Client)
- boot the router again
Check again: works 🙂
- Machine types supported : KVM, LXC
SERVICECONTAINER#show virtual-service Virtual Service Global State and Virtualization Limits: Infrastructure version : 1.7 Total virtual services installed : 0 Total virtual services activated : 0 Machine types supported : KVM, LXC Machine types disabled : none Maximum VCPUs per virtual service : 1 Resource virtualization limits: Name Quota Committed Available -------------------------------------------------------------- system CPU (%) 75 0 75 memory (MB) 3072 0 3072 bootflash (MB) 20000 0 5553That’s it, the CSR1000V is ready.
Notice: vCPU-Limitation in CSR1000v
- Maximum VCPUs per virtual service : 1
Remember this, when creating the YAML-File for the OVA. (Part 4: Package the Service-VM into an OVA)