The Open NX-OS platform presents a specialized container that is pre-built and installed within the system. This container environment is called the guest shell. The guest shell is based on CentOS 7.
To check if the guest shell is enabled on the system, the command "show virtual-service list" can be executed. The guest shell will be in Activated state if it is enabled:
n9k-sw-1# show virtual-service list
Virtual Service List:
| Name |
Status |
Package Name |
| guestshell+ |
Activated |
guestshell.ova |
If the guest shell is not enabled, the command guestshell enable will activate the guest shell container on the system:
n9k-sw-1# guestshell enable
%$ VDC-1 %$ %VMAN-2-INSTALL_STATE: Installing virtual service 'guestshell+'
%$ VDC-1 %$ %VMAN-2-INSTALL_STATE: Install success virtual service 'guestshell+'; Activating
%$ VDC-1 %$ %VMAN-2-ACTIVATION_STATE: Activating virtual service 'guestshell+'
%$ VDC-1 %$ %VMAN-2-ACTIVATION_STATE: Successfully activated virtual service 'guestshell+'
To access the guest shell, enter guestshell on the NX-OS CLI.
n9k-sw-1# guestshell
[guestshell@guestshell ~]$
From the guest shell prompt, the user can run Linux commands:
[guestshell@guestshell ~]$ pwd
/home/guestshell
[guestshell@guestshell ~]$ ls
[guestshell@guestshell ~]$ whoami
guestshell
[guestshell@guestshell ~]$ ps -e | grep systemd
1 ? 00:00:00 systemd
10 ? 00:00:00 systemd-journal
28 ? 00:00:00 systemd-logind
[guestshell@guestshell ~]$
The guest shell also provides direct access to the hosts bootflash on the switch. Files on /bootflash can be edited directly from within the guest shell environment. By default the guest shell comes with the vi editor pre-installed. More editors can be installed using yum or RPM to customize guest shell functionality to the shell of your choice.
Users within the guest shell can interact with the NX-OS host CLI to gather respective switch level information. The application dohost is provided to execute NX-OS CLI commands:
[guestshell@guestshell ~]$ dohost "show ip int brief vrf management"
IP Interface Status for VRF "management"(2)
Interface IP Address Interface Status
mgmt0 10.95.33.238 protocol-up/link-up/admin-up
The dohost command uses Unix domain sockets to facilitate the transfer of information between the guest shell and NX-OS host processes. Data retrieved from the dohost command can be used to take actions local to the network device within the guest shell. With this functionality, self-healing machines can be created. As an example, an application could be created in the Linux environment which captured the interface state periodically. When the interface state changes, the Linux application could be used to bring up a partner or backup interface.
The guest shell uses the default Virtual Routing and Fowarding (VRF) table for external connectivity. The application chvrf is provided for VRF management.
Usage of chvrf:
[guestshell@guestshell ~]$ chvrf
Usage: chvrf [ ...]
Ping a host through the management VRF:
[guestshell@guestshell ~]$ chvrf management ping 10.70.42.150
PING 10.70.42.150 (10.70.42.150) 56(84) bytes of data.
64 bytes from 10.70.42.150: icmp_seq=1 ttl=53 time=19.2 ms
64 bytes from 10.70.42.150: icmp_seq=2 ttl=53 time=20.0 ms
Note: The chvrf command can be used in front of any command in the system to use the desired VRF.
The guest shell has been populated with common package managers. The yum package manager is installed, and will pull packages from the default CentOS 7 repositories. The locations of package repositories can be changed by modifying the ".repo" repository files in the /etc/yum/repos.d directory. The command yum list available will show all available packages in the repositories.
Installing the git client via yum, using the management VRF:
Install 1 Package (+34 Dependent packages)
Total download size: 17 M
Installed size: 63 M
Is this ok [y/d/N]:
You may need to increase the partition size of the guest shell, which is an option available to you from the host CLI using guestshell resize.
Resizing the rootfs of guest shell:
n9k-sw-1# guestshell resize rootfs 600
Note: Please disable/enable or reboot the Guest shell for root filesystem to be resized
In addition to the yum package manager, the Python package manager (pip) is also available from within the guest shell. Python packages are installed by pip into the default Python repository. In order to view a listing of installed packages, run the pip freeze command:
[guestshell@guestshell ~]$ sudo pip freeze
iniparse==0.4
pycurl==7.19.0
pygpgme==0.3
pyliblzma==0.5.3
pyxattr==0.5.1
urlgrabber==3.10
yum-metadata-parser==1.1.4
From this example, we see that there are certain packages already installed such as Python curl (pycurl). A common package needed when working with Python and HTTP is the requests module.
The command listed below can be used to install the requests Python module:
guestshell@guestshell ~]$ sudo chvrf management pip --proxy=proxy.my.customer.com:8080 install requests
The command was executed as root to ensure we go through the management vrf using the chvrf command. In the event that the guest shell requires a proxy server for external HTTP connectivity, the --proxy option can be used.
You can now start Python and see that the requests module can be imported.
[guestshell@guestshell ~]$ python
Python 2.7.5 (default, Jun 17 2014, 18:11:42)
[GCC 4.8.2 20140120 (Red Hat 4.8.2-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>>
The pip freeze command will also show that the requests module has been installed.
Additional programming languages can be installed within the guest shell if desired, is a user wants to utilize a different scripting language like perl. Users can install programming environments as needed through the yum package manager, or manually via RPM:
Running perl
[guestshell@guestshell ~]$ perl --version
This is perl 5, version 16, subversion 3 (v5.16.3) built for x86_64-linux-thread-multi
(with 28 registered patches, see perl -V for more detail)
Copyright 1987-2012, Larry Wall
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at https://www.perl.org/, the Perl Home Page.
Perl files can be executed directly within the guest shell:
n9k-sw-1# guestshell
[guestshell@guestshell ~]$ ./test.pl
This is a perl script!
Programs and scripts can be executed in the guest shell directly from Open NX-OS using guestshell run.
[guestshell@guestshell ~]$ exit
logout
n9k-sw-1#
n9k-sw-1#
n9k-sw-1#
n9k-sw-1# guestshell run /home/guestshell/test.py
This is a Python script!
n9k-sw-1#
n9k-sw-1#
n9k-sw-1# guestshell run /home/guestshell/test.pl
This is a perl script!
n9k-sw-1#