Home / Opensource / Setup Guest shell and On-Box Python scripting on CSR1000v

Setup Guest shell and On-Box Python scripting on CSR1000v

Today I am going to talk about how to enable Guest shell and on box Python scripting on Cisco cloud router CSR1000v. Before we start with the enabling the Guest shell on Cisco CSR 1000v router, we need to understand what actually Guest shell all is about.

Introduction to Guest Shell
Guestshell is a virtualized Linux-based environment, designed to run custom Linux applications, including Python for automated control and management of Network devices. It also includes the automated provisioning (Day Zero) of system. 

This container shell provides a secure environment, decoupled from the host device, in which users can install scripts or software packages and run them. 

Fig 1.1-Guest shell and On-Box Python scripting on CSR1000v

Guest Shell in Cisco Environment
Guest Shell container is managed using IOx. IOx is Cisco's Application Hosting Infrastructure for Cisco IOS XE devices. IOx enables hosting of applications and services developed by Cisco, partners, and third-party developers in network edge devices, seamlessly across diverse and disparate hardware platforms. Guest Shell is isolated from the underlying host software to prevent interference of the core network functions of the device.

Now the question is what is this IOx?
IOx is a Cisco-developed end-to-end application framework that delivers application hosting abilities for different application types on Cisco network platforms. Guest Shell, a special container deployment, is one such application, that is useful in system deployment and operation.

IOx facilitates the life-cycle management of app and data exchange by providing a set of services that help developers to package pre-built apps and host them on a target device. IOx life-cycle management includes distribution, deployment, hosting, starting, stopping (management), and monitoring of apps and data. IOx services also include app distribution and management tools that help users discover and deploy apps to the IOx framework.

Configuration

Step-1: We need to enable IOx on Cisco CSR 1000v cloud router as below

CloudXP_CSR1000v#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CloudXP_CSR1000v (config)#iox
CloudXP_CSR1000v (config)#exit

Step 2: Accessing Guest Shell Through the Management Port

CloudXP_CSR1000v #conf t
Enter configuration commands, one per line. End with CNTL/Z.
CloudXP_CSR1000v (config)#ip name-server 2.3.4.5
!
CloudXP_CSR1000v (config)#interface VirtualPortGroup0
CloudXP_CSR1000v (config-if) #ip address 192.168.1.1 255.255.255.0
CloudXP_CSR1000v (config-if) #ip nat inside
CloudXP_CSR1000v (config-if) #exit
!
CloudXP_CSR1000v (config-if) #interface GigabitEthernet1
CloudXP_CSR1000v (config-if) #ip address 172.66.70.124 255.255.255.0
CloudXP_CSR1000v (config-if) #ip nat outside
CloudXP_CSR1000v (config-if) #exit
!
CloudXP_CSR1000v (config)#ip access-list standard GUESTSHELL_NAT
CloudXP_CSR1000v (config-std-nacl) #permit 192.168.1.0 0.0.0.255
!
CloudXP_CSR1000v (config)#ip nat inside source list GUESTSHELL_NAT interface GigabitEthernet1 overload

Step 3: Enabling the Guest Shell

CloudXP_CSR1000v #Guestshell enable VirtualPortGroup 0 guest-ip 192.168.1.2 nmae-server 2.3.4.5

Verification

CloudXP_CSR1000v #show iox-services
Virtual Service Global State and Virtualization Limits:
Infrastructure version: 1.7
Total virtual services installed: 1
Total virtual services activated: 0

Machine types supported : LXC
Machine types disabled   : KVM

Maximum VCPUs per virtual service: 0
Resource virtualization limits:
Name                         Quota     Committed     Available 
--------------------------------------------------------------
system CPU (%)                 75             0            75 
memory (MB)                  1024             0          1024 
bootflash (MB)              20000           876          3008 

IOx Infrastructure Summary:
---------------------------
IOx service (CAF)   : Running
IOx service (HA)     : Not Running
IOx service (IOxman) : Running
Libvirtd             : Running

CloudXP_CSR1000v #guestshell run ping cisco.com
PING cisco.com (72.163.4.161) 56(84) bytes of data.
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=1 ttl=238 time=202 ms
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=2 ttl=238 time=232 ms
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=3 ttl=238 time=200 ms
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=4 ttl=238 time=199 ms
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=5 ttl=238 time=200 ms
64 bytes from www1.cisco.com (72.163.4.161): icmp_seq=6 ttl=238 time=200 ms

Accessing the Python Interpreter

CloudXP_CSR1000v #guestshell run python
Python 2.7.5 (default, Jan 17 2019, 18:11:42) 
[GCC 4.8.2 20140120 (Red Hat 4.8.2-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>

The Guestshell run command is the IOS equivalent of running Linux executables, and when run a Python script from IOS, specify the absolute path. The following example shows how to specify the absolute path for the command:

CloudXP_CSR1000v #guestshell run python /flash/sample_script.py parameter1 parameter2