らくがきちょう

なんとなく ~所属組織/団体とは無関係であり、個人の見解です~

CML2 に NX-OS 9300V を登録する

CML2 に NX-OS 9300V を登録する手順をメモしておきます。

OS イメージのダウンロード

CCO の NX-OS 9000v Switch のページ から CML2 へアップロードする OS のバイナリイメージをダウンロードします。 今回は nexus9300v.9.3.8.qcow2 をダウンロードしました (※ 当然ですが OS をダウンロードする権限を保有している必要があります)。

Node Definition

予め、以下の内容で .yaml ファイルを定義しておきます。 次に CML2 の Web UI へアクセスし TOOLSNode and Image DefinitionsIMPORT を選択し、定義しておいた .yaml ファイルを読み込みます。

id: nxosv9300
configuration:
  generator:
    driver: nxosv9000
  provisioning:
    volume_name: disk
    media_type: iso
    files:
      - name: nxos_config.txt
        content: |-
          # workaround for booting to loader> prompt
          echo 'from cli import cli' > set_boot.py
          echo 'import json' >> set_boot.py
          echo 'import os' >> set_boot.py
          echo 'import time' >> set_boot.py
          echo 'bootimage = json.loads(cli("show version | json"))["kick_file_name"]' >> set_boot.py
          echo 'set_boot = cli("conf t ; boot nxos {} ; no event manager applet BOOTCONFIG".format(bootimage))' >> set_boot.py
          echo 'i = 0' >> set_boot.py
          echo 'while i < 10:' >> set_boot.py
          echo '    try:' >> set_boot.py
          echo '        save_config = cli("copy running-config startup-config")' >> set_boot.py
          echo '        break' >> set_boot.py
          echo '    except Exception:' >> set_boot.py
          echo '        i += 1' >> set_boot.py
          echo '        time.sleep(1)' >> set_boot.py
          echo 'os.remove("/bootflash/set_boot.py")' >> set_boot.py
          event manager applet BOOTCONFIG
           event syslog pattern "Configured from vty"
           action 1.0 cli python bootflash:set_boot.py
          # minimum needed config to login
          no password strength-check
          username admin role network-admin
          username admin password cisco role network-admin
          username cisco role network-admin
          username cisco password cisco role network-admin
        editable: true
device:
  interfaces:
    has_loopback_zero: true
    default_count: 4
    loopback:
      - Loopback0
    management:
      - mgmt0
    physical:
      - mgmt0
      - Ethernet1/1
      - Ethernet1/2
      - Ethernet1/3
      - Ethernet1/4
      - Ethernet1/5
      - Ethernet1/6
      - Ethernet1/7
      - Ethernet1/8
      - Ethernet1/9
      - Ethernet1/10
      - Ethernet1/11
      - Ethernet1/12
      - Ethernet1/13
      - Ethernet1/14
      - Ethernet1/15
      - Ethernet1/16
      - Ethernet1/17
      - Ethernet1/18
      - Ethernet1/19
      - Ethernet1/20
    serial_ports: 2
inherited:
  image:
    ram: true
    cpus: true
    data_volume: false
    cpu_limit: true
    boot_disk_size: false
  node:
    ram: true
    cpus: true
    cpu_limit: true
    data_volume: false
    boot_disk_size: false
general:
  description: Cisco Nexus 9300v Switch
  nature: switch
  read_only: true
schema_version: 0.0.1
sim:
  linux_native:
    base_image: null
    cpus: 2
    disk_driver: sata
    driver: nxosv9300
    efi_boot: true
    libvirt_domain_driver: kvm
    nic_driver: e1000
    ram: 8192
boot:
  timeout: 480
  completed:
    - There is no admin password in the bootstrap file
    - User Access Verification
pyats:
  os: nxos
  series: n9k
  config_extract_command: show run
ui:
  description: |-
    Cisco Nexus 9300v Switch

    Requires 8 GB DRAM, 2 vCPUs

    [CCO Link](https://www.cisco.com/c/en/us/support/switches/nexus-9000v-switch/model.html)
  group: Cisco
  icon: switch
  label: NX-OS 9300
  label_prefix: nxos9300-
  visible: true

Image Definition

CML2 の Web UI へアクセスし TOOLSNode and Image DefinitionsIMAGE DEFINITIONSADD をクリックし、以下のように入力した後、CREATE IMAGE DEFINITION をクリックします。 これで CML2 上で NX-OS 9300V を利用出来るようになります。

Item Value
ID nxosv9300-10-1-2
Label NX-OS 9300 10.1.2
Description NX-OS 9300 10.1.2
Disk Image nexus9300v.10.1.2.qcow2
Node Definition nxosv9300

初期コンフィグ

初期コンフィグは以下でした。

vdc switch id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8
no password strength-check
username admin password 5 $5$BPAIJA$YGhcltCWx3wABC89rbkdWGiT/OvM3099CSS3sHfSlW1  role network-admin
username cisco password 5 $5$NKNGPP$TBeZV.mMNETf2RvqHs3Gr8dxOPoEQHGkV7gir2SifE4  role network-admin
username cisco passphrase  lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
snmp-server user admin network-admin auth md5 0x427e8b0053a3c27058bbaf45293e1686 priv aes-128 0x427e8b0053a3c27058bbaf45293e1686 localizedkey
snmp-server user cisco network-admin auth md5 0x427e8b0053a3c27058bbaf45293e1686 priv aes-128 0x427e8b0053a3c27058bbaf45293e1686 localizedkey
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1

vrf context management

interface Ethernet1/1

interface Ethernet1/2

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33

interface Ethernet1/34

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41

interface Ethernet1/42

interface Ethernet1/43

interface Ethernet1/44

interface Ethernet1/45

interface Ethernet1/46

interface Ethernet1/47

interface Ethernet1/48

interface Ethernet1/49

interface Ethernet1/50

interface Ethernet1/51

interface Ethernet1/52

interface Ethernet1/53

interface Ethernet1/54

interface Ethernet1/55

interface Ethernet1/56

interface Ethernet1/57

interface Ethernet1/58

interface Ethernet1/59

interface Ethernet1/60

interface Ethernet1/61

interface Ethernet1/62

interface Ethernet1/63

interface Ethernet1/64

interface mgmt0
  vrf member management
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos.10.1.2.bin

show コマンドの表示

show コマンドの出力結果は以下の通りです。

show version

switch# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
Copyright (c) 2002-2021, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.

Nexus 9000v is a demo version of the Nexus Operating System

Software
  BIOS: version
  NXOS: version 10.1(2)
  BIOS compile time:
  NXOS image file is: bootflash:///nxos.10.1.2.bin
  NXOS compile time:  5/13/2021 17:00:00 [05/14/2021 02:21:06]

Hardware
  cisco Nexus9000 C9300v Chassis
  Intel(R) Xeon(R) CPU E5-2420 0 @ 1.90GHz with 8157204 kB of memory.
  Processor Board ID 9ZWNFDR3QZW
  Device name: switch
  bootflash:    4287040 kB

Kernel uptime is 0 day(s), 1 hour(s), 36 minute(s), 48 second(s)

Last reset
  Reason: Unknown
  System version:
  Service:

plugin
  Core Plugin, Ethernet Plugin

Active Package(s):

show inventory

switch# show inventory
NAME: "Chassis",  DESCR: "Nexus9000 C9300v Chassis"
PID: N9K-C9300v          ,  VID:     ,  SN: 9G1I2FYDFRV

NAME: "Slot 1",  DESCR: "Nexus 9000v 64 port Ethernet Module"
PID: N9K-X9364v          ,  VID:     ,  SN: 99TOT0ZCF8W

NAME: "Slot 27",  DESCR: "Supervisor Module"
PID: N9K-vSUP            ,  VID:     ,  SN: 9ZWNFDR3QZW