Automating Cisco IOS using NSO 5.3 on Ubuntu Linux 20.04 – Part 4 (NSO Services)

Categories Automation, Cisco, Devnet, NSO
  • A network service refers to a collection of configurations across devices on a network.
  • NSO Services are used to create instances of services to deploy across your network.
  • You can define any set of configuration templates and sets of variables for those templates.
  • NSO will keep track of the service instances and only update or remove services.
  • Services can be a customer, tenant, site id, or anything you want to define.
  • Services provide assurance and verification that prove the intended outcome on the network before applying the configuration into a production environment. Services can be used along side other applications or workflow engines.

Creating the Service Package

  • NSO uses a built in package management system to handle NEDs and custom service packages.
  • ncs-make-package is a CLI tool that will auto generate a skeleton structure of files needed for creating the service package.
  • The tree is a tiny, cross-platform command-line program used to recursively list or display the content of a directory in a tree-like format. It outputs the directory paths and files in each sub-directory and a summary of a total number of sub-directories and files.
  • Review the contents of the loopback-service.yang and loopback-service-template.xml files using cat to output to the terminal.
  • Launch the ncs_cli
  • Create a loopback interface with an IP schematic.
  • go to the top directory and verify the pending configuration changes.
  • Output the changes using XML formatting and copy the interface configuration section between the </config> tags
  • Using a text editor such as gedit, nano, vi, vim or whatever you are comfortabl with paste in the XML configuration you copied between the </config> tags
  • rename the IP address and give it a variable of {/dummy}
  • Save the configuration after verifying the config contents are proper.
  • make the package
  • Get back into the ncs_cli
  • reload the packages in ncs.

Creating a Service Instance

  • From configuration mode in the NSO CLI use the new loopback-service command.
  • Name the instance test and add variables for the device and IP scheme.
  • Verify the configuration on the a0 device.

Automating Cisco IOS using NSO 5.3 on Ubuntu Linux 20.04 – Part 3 (Device and Group Templates)

Categories Automation, Cisco, Devnet, NSO
  • Create a device template that we will apply to all devices inside of our IOS_DEVICES group. You will begin to see the benefit of automation by the end of this post.
  • We will select our IOS 6.42 NED as the device driver. We will enter into configuration mode and then enter the commands needed to setup name servers on the IOS devices.
  • We can use show configuration to see our pending changes before we commit the template to NSO.
  • With our final command we can see that our single line of text wil apply our template to every device in our device group.
  • We can also use the commit dry-run to see all configuration changes that will be applied to the device’s once we commit the template.
  • The last step now that we have confirmed we in fact want these changes to take place on the IOS devices is to commit the changes.

Automating Cisco IOS using NSO 5.3 on Ubuntu Linux 20.04 – Part 2 (Device Configuration)

Categories Automation, Cisco, Devnet, NSO
  • NSO can read the current configuration and easily update the configurations across your network.

Reading Device Configurations

  • We can review the full device configuration with the following commands for c0.
  • We can use the de-select keyword to filter out elements of our returned data. In this example we are excluding the config data and should be returned with the config used to add the device into the NSO inventory. Think of this as the vanilla config.
  • Next let’s create an SVI for vlan 2 on the c0 device and then verify the configuration all through the ncs_cli.
As you can see we can create many different types of interfaces to mimic that of most devices.
The alarm sates c0’s device is out of sync
  • To fix this we can either re-sync the device to NSO or commit and ignore the sync check for the commit.
  • Finally we can run our show command for the C0 device and parse out only the interface information we’re looking for. All from the same CLI.
  • Repeat this process creating a vlan for the SVI, an access port for that vlan and other configuratios. Then you can verify with show commands parsing data after the commits.
  • NSO supports * wildcarding so you can pull configuration data from multiple ‘modules’ at once.
  • We have now explored connecting to an IOS device, Creating configurations on the device and verifying for sanity using show commands all from the NSO developer box.

Automating Cisco IOS using NSO 5.3 on Ubuntu Linux 20.04 – Part 1 (Adding Devices)

Categories Automation, Cisco, Devnet, NSO

Please follow my previous post about setting up NSO 5.3 on Ubuntu 20.04.

  • Start netsim and use the cli-i c1 command to console to the device c1. From here you can use normal IOS commands. We can even see the pre-populated commands in the running configuration.
  • Next we exit out of the IOS CLI and hop into the NSO CLI. This is where the benefit of NSO comes into play. Through NSO we are able to see structured YANG data from the IOS devices.

Populating the NSO Instance

  • Now that NSO is running you need to add the devices we created into the NSO inventory. This will allow NSO to read and write data. For this to work we will need an authgroup so we can setup credentials for the devices.
  • NOTE: -C specifies ‘cisco style’ CLI because the default is a ‘Juniper style’, -u admin allows us to login as the admin user.
  • Setup a new authgroup called labadmin This group will use a default credentials: cisco:cisco for devices, with a secondary pass of cisco.
  • After staging the configuration you must commit it to the system with the ‘commit’ command. BEFORE you commit make sure to use the top command and review the configuration changes that are staged by using ‘show config’.
  • After you have verified the pending changes are correct you can commit them with the ‘commit’ command.

Adding Devices into NSO

  • To add a device you will need:
    The devices IP address or FQDN.
    SSH/Telnet protocol and port used to connect to the device.
    The authgroup needs to exist.
    The NED used to connect to the device (Device Driver).
  • From config mode on the ncs_cli we will add the device c0 using the IP address, the protocol will be telnet. We will use the cisco-ios-cli-6.42 device driver to connect to c0.
  • Verify you are in the proper directory associated for the device we want NSO to connect with.
    NOTE: You will get an error stating that the device is locked. This is the default mode for devices as a safety mechanism so NSO will not change a device until the administrator is ready. Unlock the device by changing the admit state to unlocked and commit the change.
  • Once this is completed you can connect to the device using the connect command.

Now we will add the other 2 devices C1 and C2 to the labadmin group. For the sake of doing it another way we will do this VIA the web GUI. Click on each device from the device manager page.

  • Select the labadmin authgroup under the authgroup dropdown. Repeat this process for the C2 device.
  • You can also verifiy conection VIA the ncs_cli
  • NOTE: This step is not needed as we already know we connected VIA the web GUI.

Learning the Current State of the Network

  • We have verified the connectio to the device but we have not let NSO learn the current configuration state of these network devices. First we verify no real device level configurations have been made with show commands.

Device Grouping

  • NOTE: This step is not required but it a good practice to follow and will help make management and scalability easier. We will create device groups and organize the device into a logical group. The group will be paired by devices which take the same style of configuration. ex: IOS devices in a group, NXOS devices in another group, ASA in a seperate group, etc.
  • Next we can verify our newly created IOS-DEVICES group using a show command on the ncs_cli.

We now have IOS devices we can connect and begin configuring with NSO using the ncs_cli. (NSO and NCS are interchangeable and both refer to Network Services Orchestrator).

Install Network Services Orchestrator 5.3 on Ubuntu Linux 20.04

Categories Automation, Cisco, Devnet
39 days left to get the DEVNET Associate!

Verifying Ubuntu version used for installation process

For personal use Cisco NSO is FREE to use. You can download the trial version at . Login with your CCO account.

  • Move nso-5.3 bin file to the home directory.
  • Unpack the file to a directory.
  • The source command is used in order to evaluate the file passed as an argument in the context of the current execution.
  • Create the ncs-run directory for the end location of the ncs-setup command.
  • Change directory to ncs-run and verify the version..
  • Next download the newer NEDs from the!getting-nso/ site.
  • Extract the tarballs for the nx, ios, and asa then verify.
  • You now have the newest NEDs and a running installation of the Cisco Network Services Orchestrator.
  • I ran into issues with device manager not seeing the packages so I created a new directory and began again. After stopping the ncs services, removing the original ncs directory and creating a new one I was able to see the devices in Device manager.
  • Execute ncs and then verify the service is running.
  • Navigate to http://localhost:8080 to access the web UI.
The default credentials are admin : admin

From here you can explore the different modules that the GUI has to offer.

Hacking WiFi Digital Photo Frame with Touchscreen IPS LCD Display and 16GB Built-in Memory – 10 inch Aluratek

Categories Linux

I bought this for my fiance and she never used it so I got the idea to try and see how secure it was.

Things Needed:

  • a *nix OS
  • adb installed
  • Data cable USB/mini USB
  • Aluratek
  • adb root
  • adb shell

Directories we care about:


list all installed packages:
pm list packages -f

running package:
monkey -p com.example.example -v 500

remount /system as read/write:
remount system to write: mount -o rw,remount /system