Late last year, Cisco posted “Get NSO for Free!” and since NSO is available for Lab/PoC use for developers. This post is to introduce how to install NSO on Ubuntu16.04, and brief introduction of what it can do.
Pros:
- Service Lifecycle management, not just a configuration management
- Service provisioning of multiple vendor
- Versatile vendor support –ref. “Network Services Orchestrator Network Element Drivers“. You can create your own NED as well.
- High Resiliency, Scalable
- Low learning cost to model services because it uses generic YANG model(with xml)
- Expose API
Cons:
- Subscription is required
1. Install pre-requisite
You can follow instruction in Getting NSO to run NSO. I used ubuntu 16.04 on GCP to install NSO.
First, you need to install Java:
# add repository to install Java k_shogo@ubuntu16-nso:~$ sudo add-apt-repository ppa:webupd8team/java k_shogo@ubuntu16-nso:~$ sudo apt-get update k_shogo@ubuntu16-nso:~$ sudo apt-get install -y oracle-java8-installer k_shogo@ubuntu16-nso:~$ java -version java version "1.8.0_201" Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode) k_shogo@ubuntu16-nso:~$ javac -version javac 1.8.0_201
And install Apache ant:
k_shogo@ubuntu16-nso:~$ wget http://mirror.evowise.com/apache//ant/binaries/apache-ant-1.10.5-bin.tar.gz
k_shogo@ubuntu16-nso:~$ sudo tar -xf apache-ant-1.10.5-bin.tar.gz -C /usr/local
k_shogo@ubuntu16-nso:~$ sudo ln -s /usr/local/apache-ant-1.10.5/ /usr/local/ant
k_shogo@ubuntu16-nso:~$ {
> echo ANT_HOME=/usr/local/ant | sudo tee /etc/profile.d/ant.sh
> echo PATH=${ANT_HOME}/bin:${PATH} | sudo tee /etc/profile.d/ant.sh
> }
k_shogo@ubuntu16-nso:~$ source /etc/profile
k_shogo@ubuntu16-nso:~$ ant -version
Apache Ant(TM) version 1.10.5 compiled on July 10 2018
2. Install NSO
From “Get NSO for evaluation (Linux)“, get NSO packages. You need CCO account to download this.
k_shogo@ubuntu16-nso:~$ unzip nso-4.7.linux.x86_64.zip k_shogo@ubuntu16-nso:~$ cd nso-4.7.linux.x86_64/ k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ ll total 184184 drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 22 22:14 ./ drwxr-xr-x 5 k_shogo k_shogo 4096 Mar 22 22:14 ../ -rw-rw-r-- 1 k_shogo k_shogo 188588188 Sep 5 2018 nso-4.7.linux.x86_64.signed.bin -rw-rw-r-- 1 k_shogo k_shogo 3335 Sep 5 2018 README-NSO k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ sh nso-4.7.linux.x86_64.signed.bin k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ sh nso-4.7.linux.x86_64.installer.bin $HOME/nso-4.7 k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ source $HOME/nso-4.7/ncsrc k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ echo $NCS_DIR /home/k_shogo/nso-4.7
In NSO, you need to have a project folder to launch. I create a directory called “ncs-run” for this test.
k_shogo@ubuntu16-nso:~$ ncs-setup --dest $HOME/ncs-run k_shogo@ubuntu16-nso:~$ ll ncs-run/ total 44 drwxrwxr-x 7 k_shogo k_shogo 4096 Mar 23 07:41 ./ drwxr-xr-x 7 k_shogo k_shogo 4096 Mar 23 07:41 ../ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 logs/ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 ncs-cdb/ -rw-rw-r-- 1 k_shogo k_shogo 9357 Mar 23 07:41 ncs.conf drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 packages/ -rw-rw-r-- 1 k_shogo k_shogo 627 Mar 23 07:41 README.ncs drwxrwxr-x 4 k_shogo k_shogo 4096 Mar 23 07:41 scripts/ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 state/
To use network devices, you need Network Element Drivers. Usually you need to get a separate subscription, but some of them are bundled in this edition of NSO. Copy them to the project folder.
k_shogo@ubuntu16-nso:~$ cp -r $HOME/nso-4.7/packages/neds/* $HOME/ncs-run/packages k_shogo@ubuntu16-nso:~$ ll ncs-run/packages/ total 32 drwxrwxr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 ./ drwxrwxr-x 8 k_shogo k_shogo 4096 Mar 23 08:24 ../ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 a10-acos/ drwxr-xr-x 7 k_shogo k_shogo 4096 Mar 23 08:29 cisco-ios/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 cisco-iosxr/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 cisco-nx/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 dell-ftos/ drwxr-xr-x 5 k_shogo k_shogo 4096 Mar 23 08:29 juniper-junos/
Now NSO is ready to run.
k_shogo@ubuntu16-nso:~$ cd $HOME/ncs-run/ k_shogo@ubuntu16-nso:~/ncs-run$ ncs_cli -u admin admin connected from xx.xx.xx.xx using ssh on ubuntu16-nso admin@ncs> admin@ncs> configure Entering configuration mode private # if you copy the NEDs correctly, the packages should be loaded [edit] admin@ncs> request packages reload >>> System upgrade is starting. >>> Sessions in configure mode must exit to operational mode. >>> No configuration changes can be performed until upgrade has completed. >>> System upgrade has completed successfully. ... admin@ncs> show packages package oper-status packages package a10-acos oper-status up packages package cisco-ios oper-status up packages package cisco-iosxr oper-status up packages package cisco-nx oper-status up packages package dell-ftos oper-status up packages package juniper-junos oper-status up
3. Register devices on NSO
I configured Cisco CSR1000v for this test. Minimum configuration is as follows:
hostname useast-csr01 ! username remote-admin secret supersecretpassword ! enable secret superexecpassword
On NSO, first we need to create auth group.
admin@ncs> configure Entering configuration mode private [edit] admin@ncs% edit devices authgroups group defaultauthgrp [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-name remote-admin [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-password supersecretpassword [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-secondary-password superexecpassword
Using this group, register a device to be managed.
[edit devices authgroups group defaultauthgrp]
admin@ncs% top
[edit]
admin@ncs% edit devices device useast-csr01
[edit devices device useast-csr01]
admin@ncs% set address x.x.x.x
admin@ncs% set authgroup defaultauthgrp
[edit devices device useast-csr01]
admin@ncs% set device-type cli ned-id cisco-ios
[edit devices device useast-csr01]
admin@ncs% set state admin-state unlocked
[edit devices device useast-csr01]
admin@ncs% request ssh fetch-host-keys
result updated
fingerprint {
algorithm ssh-rsa
value 74:95:a1:bb:67:b1:a4:5d:09:53:bf:97:25:88:67:b1
}
Once configured, commit the config
[edit devices device useast-csr01]
admin@ncs% commit
Commit complete.4. Test the connection
Everything is prepared to start managing the device. Let’s test.
# check if we can connect to the device
[edit]
admin@ncs% request devices connect
connect-result {
device useast-csr01
result true
info (admin) Connected to useast-csr01 - x.x.x.x:22
}
# sync device configuration "from" the device to NSO CDB
[edit]
admin@ncs% request devices sync-from
sync-result {
device useast-csr01
result true
}
Once device configuration is sync’ed from the device, you can check the configuration on NSO.
admin@ncs> show configuration devices device useast-csr01 config
ios:version 16.9;
ios:service {
timestamps {
debug {
...
That’s all for now. I will introduce more on service in the next post.