This repository is deprecated; please follow the main search page or use the ‘Related code repos’ widget on the right side of the current page.

provision-guestshell

This script grew out of an effort to automate enabling Guest Shell on an IOS-XE router. The script is designed to allow for passing session parameters for native access to physical/virtual routers as well as a CSR running as a vagrant box. This is an initial pass at publishing the script. I've outlined my project plan to add functionality here.

Notes on Running the Script

  • Device details are maintained in the device_details.yml
    • Prior to running the script replace any instance of <> with your device specific details.
  • Command sets pushed via Netmiko are contained in command_sets.yml.
  • You must have a directory titled 'netconf_configs' or the script will fail.
  • The script is executed by running provision_gs.py without any additional arguments.

#Caveats

  • There is currently an issue with the script if you attempt to run it more than once on the same target. As the script attempts to push out the NAT configuration ncclient generates an error as the configuration already exists. The current work around is to remove the NAT_ACL from the router before running the script again.

Project Plan

As this is just the initial push of the script I have a short term plan to address the following:

  • Leverage getpass to remove the need to statically set the device password in device_details.yml
  • Address error generated when a the NAT_ACL already exists on the target device.
  • Add framework for updating YUM in Guest Shell, installing git, and populating a repository to be used by Guest Shell.

Use Case

This script is designed to quickly provision the required IOS-XE commands to enable GuestShell (IOX, VirtualPortGroups, NAT, App-Hosting).

Guestshell is a virtualized Linux-based environment that is designed to run custom Linux applications, including Python for automated control and management of Cisco devices. It also includes the automated provisioning (Day zero) of systems. This container shell provides a secure environment, decoupled from the host device, in which users can install scripts or software packages, and run them. While GuestShell is relatively simple to provision on a single device enabling GuestShell holistically across the network can be a time-consuming process. This script will enable the shell and prepare it so that it is ready to populate with additional Linux packages or custom python applications.

The script is designed to read in configuration details from YAML. Once the script has device details, a series of Jinja Templates are rendered. These templates create XML payloads for the configuration of the router and switch. The script leverages Netmiko to send CLI commands to provision GuestShell. You can provision additional routers by creating additional data structures in the input YAML file.

While not included in Code Exchange, a provision_gs script can be modified to add custom applications. An operator can execute commands directly in GuestShell from Exec mode on the router or switch. Using a similar format to the Netmiko tasks in the script, an operator can add additional command sets to execute commands. Some examples include:

  • Installing git: guestshell run sudo yum install -y git
  • Cloning a repo: guestshell run git clone http://foo.git
  • Executing a shell script: guestshell run ./prep_env.sh

Leverage "getpass" to remove the need to statically set the device password in device_details.yml. Address error generated when the NAT_ACL already exists on the target device. Add framework for updating YUM in Guest Shell, installing git, and populating a repository to be used by Guest Shell.

Objectivies

  • Guestshell is a virtualized Linux-based environment, designed to run custom Linux applications, including Python for automated control and management of Cisco devices.
  • The script is designed to automate enabling Guest Shell on an IOS-XE router.
  • Allows for passing session parameters for native access to physical/virtual routers as well as a CSR running as a Vagrant box.
  • Uses jinja2 templates for creating dynamic NETCONF descriptions.
  • Device details and command sets are maintained in a YAML file using netmiko for the command sets.

Requirements

IOS XE with Guestshell enabled.

View code on GitHub
  • Owner

  • Contributors

    +1Github contributor
  • Categories

  • Products

    IOS XE
  • Programming Languages

    Python
  • License

    Other

Code Exchange Community

Get help, share code, and collaborate with other developers in the Code Exchange community.View Community
Disclaimer:
Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.