はじめに
久しぶりのブログ更新。
今日はpyats/Genieの自動化の第2弾としてospfの設定を行う。
動作環境
OS
ubuntu on ESXi
CSR1000v on ESXi
言語
python
目次
トポロジーはこちら。
※IOSには対応してない為、今回はCSR1000vにのみ自動化を行っている
自動化するコンフィグ
CSR1000vのインターフェースのIPアドレス設定とOSPF設定を自動化します。
自動化対象のコマンドはこちらです。
!
interface GigabitEthernet2
description pyats-ospf-conf
ip address 192.168.10.1 255.255.255.0
negotiation auto
!
router ospf 1
router-id 1.1.1.1
network 192.168.10.0 0.0.0.255 area 2
!
スクリプトはこちらになります。
github.com
実行
実行
python ospf.py
結果ログ
[2021-07-01 00:00:55,504] +++ csr1 logfile /tmp/csr1-cli-20210701T000055502.log +++
[2021-07-01 00:00:55,505] +++ Unicon plugin iosxe +++
Trying 192.168.100.21...
[2021-07-01 00:00:55,533] +++ connection to spawn: telnet 192.168.100.21, id: 140434380597856 +++
[2021-07-01 00:00:55,533] connection to csr1
Connected to 192.168.100.21.
Escape character is '^]'.
User Access Verification
Username: csr1
Password:
csr1>
[2021-07-01 00:00:57,766] +++ initializing handle +++
enable
Password:
csr1#
[2021-07-01 00:00:57,799] +++ csr1: executing command 'term length 0' +++
term length 0
csr1#
[2021-07-01 00:00:57,961] +++ csr1: executing command 'term width 0' +++
term width 0
csr1#
[2021-07-01 00:00:58,134] +++ csr1: executing command 'show version' +++
show version
Cisco IOS XE Software, Version 03.15.00.S - Standard Support Release
Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(2)S, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Sun 22-Mar-15 01:36 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2015 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
csr1 uptime is 38 minutes
Uptime for this control processor is 40 minutes
System returned to ROM by reload
System image file is "bootflash:packages.conf"
Last reload reason: <NULL>
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
License Level: ax
License Type: Default. No valid license found.
Next reload license Level: ax
cisco CSR1000V (VXE) processor (revision VXE) with 701398K/6147K bytes of memory.
Processor board ID 9JLL2WTI8I5
2 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
1989912K bytes of physical memory.
16162815K bytes of virtual hard disk at bootflash:.
Configuration register is 0x2102
csr1#
[2021-07-01 00:00:58,449] +++ csr1: config +++
config term
Enter configuration commands, one per line. End with CNTL/Z.
csr1(config)#no logging console
csr1(config)#line console 0
csr1(config-line)#exec-timeout 0
csr1(config-line)#end
csr1#
[2021-07-01 00:00:58,711] +++ csr1: executing command 'show run' +++
show run
Building configuration...
Current configuration : 1097 bytes
!
! Last configuration change at 14:48:25 UTC Wed Jun 30 2021 by csr1
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform console auto
!
hostname csr1
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable password csr1
!
no aaa new-model
!
ip vrf VRF1
rd 1:100
!
!
!
!
!
!
!
!
!
ip domain name csr.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 9JLL2WTI8I5
spanning-tree extend system-id
!
username csr1 password 0 csr1
!
redundancy
!
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 192.168.100.21 255.255.255.0
negotiation auto
!
interface GigabitEthernet2
no ip address
negotiation auto
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line vty 0 4
exec-timeout 0 0
login local
transport input all
!
!
end
csr1#
{'csr1': <genie.conf.base.config.CliConfig object at 0x7fb969b0be50>}
[2021-07-01 00:00:59,256] +++ csr1: config +++
config term
Enter configuration commands, one per line. End with CNTL/Z.
csr1(config)#interface GigabitEthernet2
csr1(config-if)# description pyats-ospf-conf
csr1(config-if)# ip address 192.168.10.1 255.255.255.0
csr1(config-if)# no shutdown
csr1(config-if)# exit
csr1(config)#end
csr1#
[2021-07-01 00:00:59,857] +++ csr1: config +++
config term
Enter configuration commands, one per line. End with CNTL/Z.
csr1(config)#router ospf 1
csr1(config-router)# no shutdown
csr1(config-router)# router-id 1.1.1.1
csr1(config-router)# network 192.168.10.0 0.0.0.255 area 2
csr1(config-router)# exit
csr1(config)#end
csr1#
[2021-07-01 00:01:00,345] +++ csr1: executing command 'show run' +++
show run
Building configuration...
Current configuration : 1224 bytes
!
! Last configuration change at 14:48:27 UTC Wed Jun 30 2021 by csr1
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform console auto
!
hostname csr1
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable password csr1
!
no aaa new-model
!
ip vrf VRF1
rd 1:100
!
!
!
!
!
!
!
!
!
ip domain name csr.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 9JLL2WTI8I5
spanning-tree extend system-id
!
username csr1 password 0 csr1
!
redundancy
!
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 192.168.100.21 255.255.255.0
negotiation auto
!
interface GigabitEthernet2
description pyats-ospf-conf
ip address 192.168.10.1 255.255.255.0
negotiation auto
!
router ospf 1
router-id 1.1.1.1
network 192.168.10.0 0.0.0.255 area 2
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line vty 0 4
exec-timeout 0 0
login local
transport input all
!
!
end
ここまでの結果がconfigの自動設定になる。
cofigの修正前と修正後の比較の結果はこちらになります。
csr1#
+Current configuration : 1224 bytes:
+router ospf 1:
+ network 192.168.10.0 0.0.0.255 area 2:
+ router-id 1.1.1.1:
-Current configuration : 1097 bytes:
interface GigabitEthernet2:
+ description pyats-ospf-conf:
+ ip address 192.168.10.1 255.255.255.0:
- no ip address:
確認
- neighborの確認
csr1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/DR 00:00:35 192.168.10.2 GigabitEthernet2
自動化後にneighborが形成されているかも確認。
参考資料
pyATS/Genie初回環境構築は前回の記事を参考にしてください。
hiro1325.hatenablog.com
終わりに
次はより多くのconfigの自動化のスクリプト作成にチャレンジ行う。
ご意見があればよろしくお願いします。