Late last year, Cisco posted “Get NSO for Free!” and since NSO is available for Lab/PoC use for developers. This post is to introduce how to install NSO on Ubuntu16.04, and brief introduction of what it can do.
Pros:
- Service Lifecycle management, not just a configuration management
- Service provisioning of multiple vendor
- Versatile vendor support –ref. “Network Services Orchestrator Network Element Drivers“. You can create your own NED as well.
- High Resiliency, Scalable
- Low learning cost to model services because it uses generic YANG model(with xml)
- Expose API
Cons:
- Subscription is required
1. Install pre-requisite
You can follow instruction in Getting NSO to run NSO. I used ubuntu 16.04 on GCP to install NSO.
First, you need to install Java:
|
1 2 3 4 5 6 7 8 9 10 |
# add repository to install Java k_shogo@ubuntu16-nso:~$ sudo add-apt-repository ppa:webupd8team/java k_shogo@ubuntu16-nso:~$ sudo apt-get update k_shogo@ubuntu16-nso:~$ sudo apt-get install -y oracle-java8-installer k_shogo@ubuntu16-nso:~$ java -version java version "1.8.0_201" Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode) k_shogo@ubuntu16-nso:~$ javac -version javac 1.8.0_201 |
And install Apache ant:
|
1 2 3 4 5 6 7 8 9 10 |
k_shogo@ubuntu16-nso:~$ wget http://mirror.evowise.com/apache//ant/binaries/apache-ant-1.10.5-bin.tar.gz k_shogo@ubuntu16-nso:~$ sudo tar -xf apache-ant-1.10.5-bin.tar.gz -C /usr/local k_shogo@ubuntu16-nso:~$ sudo ln -s /usr/local/apache-ant-1.10.5/ /usr/local/ant k_shogo@ubuntu16-nso:~$ { > echo ANT_HOME=/usr/local/ant | sudo tee /etc/profile.d/ant.sh > echo PATH=${ANT_HOME}/bin:${PATH} | sudo tee /etc/profile.d/ant.sh > } k_shogo@ubuntu16-nso:~$ source /etc/profile k_shogo@ubuntu16-nso:~$ ant -version Apache Ant(TM) version 1.10.5 compiled on July 10 2018 |
2. Install NSO
From “Get NSO for evaluation (Linux)“, get NSO packages. You need CCO account to download this.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
k_shogo@ubuntu16-nso:~$ unzip nso-4.7.linux.x86_64.zip k_shogo@ubuntu16-nso:~$ cd nso-4.7.linux.x86_64/ k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ ll total 184184 drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 22 22:14 ./ drwxr-xr-x 5 k_shogo k_shogo 4096 Mar 22 22:14 ../ -rw-rw-r-- 1 k_shogo k_shogo 188588188 Sep 5 2018 nso-4.7.linux.x86_64.signed.bin -rw-rw-r-- 1 k_shogo k_shogo 3335 Sep 5 2018 README-NSO k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ sh nso-4.7.linux.x86_64.signed.bin k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ sh nso-4.7.linux.x86_64.installer.bin $HOME/nso-4.7 k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ source $HOME/nso-4.7/ncsrc k_shogo@ubuntu16-nso:~/nso-4.7.linux.x86_64$ echo $NCS_DIR /home/k_shogo/nso-4.7 |
In NSO, you need to have a project folder to launch. I create a directory called “ncs-run” for this test.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
k_shogo@ubuntu16-nso:~$ ncs-setup --dest $HOME/ncs-run k_shogo@ubuntu16-nso:~$ ll ncs-run/ total 44 drwxrwxr-x 7 k_shogo k_shogo 4096 Mar 23 07:41 ./ drwxr-xr-x 7 k_shogo k_shogo 4096 Mar 23 07:41 ../ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 logs/ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 ncs-cdb/ -rw-rw-r-- 1 k_shogo k_shogo 9357 Mar 23 07:41 ncs.conf drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 packages/ -rw-rw-r-- 1 k_shogo k_shogo 627 Mar 23 07:41 README.ncs drwxrwxr-x 4 k_shogo k_shogo 4096 Mar 23 07:41 scripts/ drwxrwxr-x 2 k_shogo k_shogo 4096 Mar 23 07:41 state/ |
To use network devices, you need Network Element Drivers. Usually you need to get a separate subscription, but some of them are bundled in this edition of NSO. Copy them to the project folder.
|
1 2 3 4 5 6 7 8 9 10 11 |
k_shogo@ubuntu16-nso:~$ cp -r $HOME/nso-4.7/packages/neds/* $HOME/ncs-run/packages k_shogo@ubuntu16-nso:~$ ll ncs-run/packages/ total 32 drwxrwxr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 ./ drwxrwxr-x 8 k_shogo k_shogo 4096 Mar 23 08:24 ../ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 a10-acos/ drwxr-xr-x 7 k_shogo k_shogo 4096 Mar 23 08:29 cisco-ios/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 cisco-iosxr/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 cisco-nx/ drwxr-xr-x 8 k_shogo k_shogo 4096 Mar 23 08:29 dell-ftos/ drwxr-xr-x 5 k_shogo k_shogo 4096 Mar 23 08:29 juniper-junos/ |
Now NSO is ready to run.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
k_shogo@ubuntu16-nso:~$ cd $HOME/ncs-run/ k_shogo@ubuntu16-nso:~/ncs-run$ ncs_cli -u admin admin connected from xx.xx.xx.xx using ssh on ubuntu16-nso admin@ncs> admin@ncs> configure Entering configuration mode private # if you copy the NEDs correctly, the packages should be loaded [edit] admin@ncs> request packages reload >>> System upgrade is starting. >>> Sessions in configure mode must exit to operational mode. >>> No configuration changes can be performed until upgrade has completed. >>> System upgrade has completed successfully. ... admin@ncs> show packages package oper-status packages package a10-acos oper-status up packages package cisco-ios oper-status up packages package cisco-iosxr oper-status up packages package cisco-nx oper-status up packages package dell-ftos oper-status up packages package juniper-junos oper-status up |
3. Register devices on NSO
I configured Cisco CSR1000v for this test. Minimum configuration is as follows:
|
1 2 3 4 5 |
hostname useast-csr01 ! username remote-admin secret supersecretpassword ! enable secret superexecpassword |
On NSO, first we need to create auth group.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
admin@ncs> configure Entering configuration mode private [edit] admin@ncs% edit devices authgroups group defaultauthgrp [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-name remote-admin [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-password supersecretpassword [edit devices authgroups group defaultauthgrp] admin@ncs% set default-map remote-secondary-password superexecpassword |
Using this group, register a device to be managed.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
[edit devices authgroups group defaultauthgrp] admin@ncs% top [edit] admin@ncs% edit devices device useast-csr01 [edit devices device useast-csr01] admin@ncs% set address x.x.x.x admin@ncs% set authgroup defaultauthgrp [edit devices device useast-csr01] admin@ncs% set device-type cli ned-id cisco-ios [edit devices device useast-csr01] admin@ncs% set state admin-state unlocked [edit devices device useast-csr01] admin@ncs% request ssh fetch-host-keys result updated fingerprint { algorithm ssh-rsa value 74:95:a1:bb:67:b1:a4:5d:09:53:bf:97:25:88:67:b1 } |
Once configured, commit the config
|
1 2 3 |
[edit devices device useast-csr01] admin@ncs% commit Commit complete. |
4. Test the connection
Everything is prepared to start managing the device. Let’s test.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# check if we can connect to the device [edit] admin@ncs% request devices connect connect-result { device useast-csr01 result true info (admin) Connected to useast-csr01 - x.x.x.x:22 } # sync device configuration "from" the device to NSO CDB [edit] admin@ncs% request devices sync-from sync-result { device useast-csr01 result true } |
Once device configuration is sync’ed from the device, you can check the configuration on NSO.
|
1 2 3 4 5 6 |
admin@ncs> show configuration devices device useast-csr01 config ios:version 16.9; ios:service { timestamps { debug { ... |
That’s all for now. I will introduce more on service in the next post.