There are two types of IOS-XE farms, 16.XX to 17.XX and 3.X.X, and only 16.XX to 17.XX can use guestshell and python functions.
It seems that Python is becoming standard equipment for both JUNIPER and CISCO.
It is possible to implement a programmable network that automatically executes a script triggered by EEM (event).
Junos has had a shell mode for a long time, and user privileges have been disabled in the sense that it is dangerous if the operator enters by mistake.
Cisco's TCL has also been embedded in a workaround for troubleshooting, but maintenance is a high hurdle on the operation side.
I wonder if it can be used in the popular Python and NW operations. .. .. Anyway, it's not easy and safe to use, so I'll try it first.
In Catalyst 3850/3650 with IOS-XE
The code name of the firmware of 16.XX is the name of the mountain in alphabetical order of the acronym.
16.2 – 16.3 is Denali
16.6 – 16.7 is Everest
16.8 – 16.9 is Fuji
16.10 – 16.12 is Gibraltar
In the Catalyst 9000 series, it was 17.XX and after Fuji, Amsterdam with the acronym A was released (what name series is next ...?) Cisco IOS XE Amsterdam 17.2.x 30/Mar/2020
16.6.5 Everest is OK
cisco
iso-sw#show version
---snip---
Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 56 WS-C3850-48T 16.6.5 CAT3K_CAA-UNIVERSALK9 INSTALL
Enable ** iox ** It seems to be a function that enables application development on Cisco devices using Linux open source tools on Cisco IOS.
cisco
isp-sw(config)#iox
Enable ** ip http server **
cisco
isp-sw(config)#ip http server
OK if it is Running
cisco
isp-sw#show iox-service
IOx Infrastructure Summary:
---------------------------
IOx service (CAF) : Running
IOx service (HA) : Running
IOx service (IOxman) : Running
Libvirtd : Running
isp-sw#show app-hosting list
App id State
------------------------------------------------------
guestshell RUNNING
Become a bash prompt user is guestshell
cisco→shell
isp-sw#guestshell
[guestshell@guestshell ~]$ echo $SHELL
/bin/bash
[guestshell@guestshell ~]$ whoami
guestshell
[guestshell@guestshell ~]$ uname -a
Linux guestshell 3.10.101-rt110 #1 SMP Sat Oct 13 11:07:11 PDT 2018 mips64 GNU/Linux
cisco→guestshell→python
isp-sw#guestshell run python
Python 2.7.11 (default, May 17 2017, 05:17:57)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
With ** import cli ** First, import the module to use the command This module allows you to execute EXEC commands and configuration commands from python Enter the help (XXXX) command to see how to use the python command
Below is an example of help display for ** cli.configure **
python
isp-sw#guestshell run python
Python 2.7.11 (default, May 17 2017, 05:17:57)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
>>> import cli ###Import module
>>>
>>> help(configure) ###How to use configure is displayed
Help on function configure in module cli:
configure(configuration)
Apply a configuration (set of Cisco IOS CLI config-mode commands) to the device
and return a list of results.
configuration = '''interface gigabitEthernet 0/0
no shutdown'''
# push it through the Cisco IOS CLI.
try:
results = cli.configure(configuration)
print "Success!"
except CLIConfigurationError as e:
print "Failed configurations:"
for failure in e.failed:
print failure
Args:
configuration (str or iterable): Configuration commands, separated by newlines.
Returns:
list(ConfigResult): A list of results, one for each line.
Raises:
CLISyntaxError: If there is a syntax error in the configuration.
>>>
Set IF with configure command and execute shut Enter the same config that is set in Cisco's configuration mode in a line-by-line list separated by ",". The command becomes long horizontally, but multiple lines can be set
python
>>> cli.configure(["interface GigabitEthernet1/0/7", "shutdown","interface GigabitEthernet1/0/5", "shutdown"])
[ConfigResult(success=True, command='interface GigabitEthernet1/0/7', line=1, output='', notes=None), ConfigResult(success=True, command='shutdown', line=2, output='', notes=None), ConfigResult(success=True, command='interface GigabitEthernet1/0/5', line=3, output='', notes=None), ConfigResult(success=True, command='shutdown', line=4, output='', notes=None)]
>>>
''
Check the actual device settings in the terminal log I was able to set
cisco
isp-sw#ter monitor
Mar 26 08:42:50.264 JST: %LINK-5-CHANGED: Interface GigabitEthernet1/0/7, changed state to administratively down
Mar 26 08:42:50.270 JST: %LINK-5-CHANGED: Interface GigabitEthernet1/0/5, changed state to administratively down
Next, set the IF with the configurep command and execute shut. The setting operation is the same only with p, and there is a difference in the output of the result after execution. Is it used when passing the script execution result to the next process?
python
>>> cli.configurep(["interface GigabitEthernet1/0/7", "shutdown","interface GigabitEthernet1/0/5", "shutdown"])
Line 1 SUCCESS: interface GigabitEthernet1/0/7
Line 2 SUCCESS: shutdown
Line 3 SUCCESS: interface GigabitEthernet1/0/5
Line 4 SUCCESS: shutdown
>>>
Check the actual device settings in the terminal log
cisco
isp-sw#ter monitor
Mar 26 08:50:18.152 JST: %LINK-5-CHANGED: Interface GigabitEthernet1/0/7, changed state to administratively down
Mar 26 08:50:18.156 JST: %LINK-5-CHANGED: Interface GigabitEthernet1/0/5, changed state to administratively down
Can execute ** 1 ** Cisco EXEC command This is also different from the output code format after setting
python
>>> cli.execute("sh system mtu")
'Global Ethernet MTU is 1500 bytes.'
>>>
>>> cli.executep("sh system mtu")
Global Ethernet MTU is 1500 bytes.
>>>
Check the actual device settings in the terminal log
cisco
isp-sw#ter monitor
Mar 26 07:47:09.399 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback11, changed state to up
Mar 26 07:47:09.400 JST: %LINK-3-UPDOWN: Interface Loopback11, changed state to up
May 26 07:47:09.409 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback13, changed state to up
Mar 26 07:47:09.410 JST: %LINK-3-UPDOWN: Interface Loopback13, changed state to up
You can just enter Cisco's config from EXEC mode. There is only a difference in the output code format after setting.
python
>>> cli.clip('show clock')
21:06:06.846 JST Mon Mar 25 2020
>>>
>>> cli.cli('show clock')
'\n21:06:12.672 JST Mon Mar 25 2020\n'
>>>
Check the settings with the ** cli ** command I set two Lo addresses with the cil command. It will be set from EXEC mode. Execute no shut. Just line up the config line by line, separated by;.
python
>>> cli.cli('configure terminal; interface loopback 11; ip address 10.11.11.11 255.255.255.255; no shutdown ;interface loopback 13; ip address 10.13.13.13 255.255.255.255; no shutdown ')
''
Check the actual device settings in the terminal log
cisco
isp-sw#ter monitor
Mar 26 07:47:09.399 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback11, changed state to up
Mar 26 07:47:09.400 JST: %LINK-3-UPDOWN: Interface Loopback11, changed state to up
May 26 07:47:09.409 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback13, changed state to up
Mar 26 07:47:09.410 JST: %LINK-3-UPDOWN: Interface Loopback13, changed state to up
I was able to execute routine and EXEC commands using a Python module on a Cisco device. Next, apply it in Run Python script with EEM
Model: Catalyst 3850 Ver:Cisco IOS XE 16.06.05 Everest
Programmability Configuration Guide, Cisco IOS XE Everest 16.6.x
Recommended Posts