Guestshell:
- Guestshell is a virtualized Linux-based environment, designed to run custom Linux applications, including Python for automated control and management of Cisco devices.
- For more details: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/173/b_173_programmability_cg/guest_shell.html
- Guestshell for 9800 was introduced in 16.12 release. Python 2.7 supported from 16.12 to 17.3.1. Python 3.6 supported from 17.1 onwards and is default after 17.3.1.
Requirements
- 9800-40, 9800-80 or 9800-L running 16.12 or later
- Enable guestshell in config. Find steps in instruction files for each of the use cases.
- Copy python scripts in the /bootflash/guest-share folder
- Not supported on 9800-CL or EWC (AP9105,AP9115,AP9120,AP9130)
Guestshell scripts and use cases:
- Efficient Client Troubleshooting
- Continuous Embedded Packet Capture
- Automated Archive request and export
- KPI Collector
Efficient Client Troubleshooting
Wireless client troubleshooting in 9800 may require several actions to collect a complete picture, this may include collecting ra_traces, set the level of debugging required, take packet captures, then export collected data, and change back to original debugging levels.
This tool will help to do all those steps in one shoot, saving time and ensuring all logs and captures are correlated properly
Client troubleshooting tool will use the IOS-XE guestshell python scripting capabilities, to simplify all the data collection steps
Files: start_client_debug2.py and stop_client_debug2.py
Actions performed:
- Collect ra_traces and packet capture from 9800 been and enable verbose level debugging for all wncd modules.
- Export the captures and ra_traces to a tftp using same filename to facilitate captures correlation with ra_trace
- Show a summary of client logs in ra_trace to be able to identify in which state and time the client was failing.
- Remove ra_trace once exported, and disable verbose level
- Create aliases to start/stop client debugging
Uninterrupted Embedded Packet Capture
This tool will help to export packet capture buffer to a server, without having to start and stop it, allowing continuous flow to be stored with different filenames for forensic analysis without any packet loss.
Continuous packet capture collection. Combining EEM with guestshell.
File: Continuous_packet_capture.py, EEM script and monitor capture config.
Actions done:
- After configuring a rotatory buffer packet capture we can use EEM to periodically trigger for guestshell script
- Guestshell script will check size of the buffer, if buffer is close to full then export capture and clear the buffer
- We can achieve a continuous packet capture without limit of 100MB per file
Useful for cases where we need continuous packet capture until issue occurs.
Automated Archive request and export
Some troubleshooting scenarios may need to do collect verbose traces on a regular basis
This tool will help us to automate periodical archive traces and exports without requiring customer intervention.
Periodical archive request and export using EEM script.
Actions done:
- Using EEM we can trigger periodical “request platform software trace archive” to export all logs from WLC
- Export file to a tftp server
- Delete archive file generated
Useful when we want to collect archive logs with extra debugging until issue occurs having all archives stored in tftp server.
KPI Collector
This tool will help to automate data collection (KPI or Action Plan), ensures we have the right data collected
Automated action plan data collection. Using python script with guestshell.
File: KPI.py
Actions done:
- Run a set of commands and store info in the file named with hostname-date
- Save command, timestamps and output for every command
- This allows to easily collect same logs several times using for loop for counter
Useful for collecting show commands with timestamps in an orderly manner and to be able to collect outputs several times to see how counters are increasing.