取消
显示结果 
搜索替代 
您的意思是: 
cancel
1231
查看次数
0
有帮助
0
评论
碧云天
Spotlight
Spotlight
一.概述

  测试思科路由器通过EEM把ospf的up/down的事件以json rpc方式推送到guestshell上面跑的flask,让flask决定下一步如何操作。

二.测试拓扑
备注:
----flask或者bottle也运行在guestshell上面,需要加&以后台方式运行,也可以运行在外面的CentOS8上面。
----测试预期到达的效果:
     当CSR1000v与R2之间OSFP的邻居中断后会自动shutdown路由器CSR1000v与R1相连的Gi1口,
     当CSR1000v与R2建立OSFP邻居后会自动up路由器CSR1000v与R1相连的Gi1口 。
三.CSR1000v配置步骤
路由器R1只是简单的配置接口地址,R2也只是配置了接口和OSPF,因此配置未给出。CSR1000v通过Gi3口上互联网,只有能上互联网,里面的guestshell才能上公网,通过pip安装包。
1.调整cpu个数和内存大小
2配置接口和路由
interface Loopback0
    ip address 10.10.10.10 255.255.255.255
interface GigabitEthernet1
    ip address 202.100.1.10 255.255.255.0
    no shutdown
interface GigabitEthernet2
    ip address 10.1.1.10 255.255.255.0
    no shutdown
interface GigabitEthernet3
    ip address 192.168.10.10 255.255.255.0
    no shutdown
ip route 0.0.0.0 0.0.0.0 192.168.10.2
router ospf 1
    router-id 10.10.10.10
    network 10.1.1.0 0.0.0.255 area 0

3.配置eem
event manager applet ospf_up_rpc
    event syslog pattern "LOADING to FULL, Loading Done"
    action 1.0 regexp "GigabitEthernet([0-9]+)" "$_syslog_msg" ifname
    action 2.0 cli command "enable"
    action 3.0 cli command "guestshell run python /home/guestshell/eem_jason_rpc_client_up.py $ifname"
event manager applet ospf_down_rpc
    event syslog pattern "from FULL to DOWN"
    action 1.0 regexp "GigabitEthernet([0-9]+)" "$_syslog_msg" ifname
    action 2.0 cli command "enable"
    action 3.0 cli command "guestshell run python /home/guestshell/eem_jason_rpc_client_down.py $ifname"
4.激活Cisco IOx
CSR1000v(config)#iox
*Dec 15 07:57:02.668: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server iox has been notified to start
CSR1000v#show iox-service
*Dec 15 07:57:47.060: %SYS-5-CONFIG_I: Configured from console by console
Virtual Service Global State and Virtualization Limits:

Infrastructure version : 1.7
Total virtual services installed : 0
Total virtual services activated : 0

Machine types supported   : LXC
Machine types disabled    : KVM

Maximum VCPUs per virtual service : 0
Resource virtualization limits:
Name                         Quota     Committed     Available  
--------------------------------------------------------------
system CPU (%)                   7             0             7  
memory (MB)                   1024             0           813  
bootflash (MB)               20000             0          6732  


IOx Infrastructure Summary:
---------------------------
IOx service (CAF)    : Running
IOx service (HA)     : Not Running
IOx service (IOxman) : Running
Libvirtd             : Running

CSR1000v#       
5.配置guestshell
app-hosting appid guestshell
    vnic gateway1 virtualportgroup 0 guest-interface 0 guest-ipaddress 20.1.1.1 netmask 255.255.255.0 gateway 20.1.1.254 name-server 114.114.114.114
interface VirtualPortGroup 0
    ip add 20.1.1.254 255.255.255.0
    ip nat inside
int GigabitEthernet3
    ip address 192.168.10.10 255.255.255.0
    ip nat outside
ip nat inside source static 20.1.1.1 192.168.10.200
ip route 0.0.0.0 0.0.0.0 192.168.10.2
6.进入guestshell
CSR1000v#guestshell enable  【如果不调大内存的话,可能会停在这个地方一直不动】
Interface will be selected if configured in app-hosting
Please wait for completion

*Dec 15 08:17:00.952: %IOSXE-4-PLATFORM: R0/0: kernel: dev->name [intsvc0]: dev_entry not populatedguestshell installed successfully
Current state is: DEPLOYED
guestshell activated successfully
Current state is: ACTIVATED
guestshell started successfully
Current state is: RUNNING
Guestshell enabled successfully

CSR1000v#guestshell
[guestshell@guestshell ~]$ sudo ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 52:54:dd:a2:f4:63 brd ff:ff:ff:ff:ff:ff
    inet 20.1.1.1/24 brd 20.1.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ddff:fea2:f463/64 scope link
       valid_lft forever preferred_lft forever
[guestshell@guestshell ~]$ ping 114.114.114.114
PING 114.114.114.114 (114.114.114.114) 56(84) bytes of data.
64 bytes from 114.114.114.114: icmp_seq=2 ttl=128 time=33.5 ms
64 bytes from 114.114.114.114: icmp_seq=3 ttl=128 time=52.0 ms
64 bytes from 114.114.114.114: icmp_seq=4 ttl=128 time=33.3 ms
64 bytes from 114.114.114.114: icmp_seq=5 ttl=128 time=36.9 ms
64 bytes from 114.114.114.114: icmp_seq=6 ttl=128 time=33.2 ms
^C
--- 114.114.114.114 ping statistics ---
6 packets transmitted, 5 received, 16% packet loss, time 5006ms
rtt min/avg/max/mdev = 33.287/37.845/52.053/7.239 ms
[guestshell@guestshell ~]$
7.guestshell安装flask和requests并验证
sudo pip install -i   http://mirrors.aliyun.com/pypi/simple/ flask  --trusted-host  mirrors.aliyun.com
sudo pip install -i   http://mirrors.aliyun.com/pypi/simple/ requests  --trusted-host  mirrors.aliyun.com

[guestshell@guestshell ~]$ python
Python 2.7.5 (default, Jun 17 2014, 18:11:42)
[GCC 4.8.2 20140120 (Red Hat 4.8.2-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from flask import Flask, request
>>> from cli import cli
>>> import requests
>>> import sys
>>> exit()
[guestshell@guestshell ~]$
8.guestshell编辑eemflask.py文件,内容如下:
--不能将eemflask.py文件名命名为flask.py,因为需要导入flask包
from flask import Flask, request
app = Flask(__name__)


@app.route('/eem', methods=['POST'])
def router_control():
    client_post_data = request.json
    if client_post_data:
        event = client_post_data.get('event')
        event_detail = client_post_data.get('event_detail')
        if event == 'ospf' and event_detail == 'ospf down':
            if client_post_data.get('interface') == 'GigabitEthernet2':
                return {'event': 'ospf', 'cmd': "configure terminal ; interface GigabitEthernet 1 ; shutdown"}

        elif event == 'ospf' and event_detail == 'ospf up':
            if client_post_data.get('interface') == 'GigabitEthernet2':
                return {'event': 'ospf', 'cmd': "configure terminal ; interface GigabitEthernet 1 ; no shutdown"}
        else:
            return {'error', 'no jason data'}


if __name__ == '__main__':
    app.run(host='0.0.0.0', port=8000)
也可以使用bottle,需要通过sudo pip install -i   http://mirrors.aliyun.com/pypi/simple/ bottle  --trusted-host  mirrors.aliyun.com提前安装bottle,
eembottle.py文件内容如下:

from bottle import post, run, request


@post('/eem')
def eem():
    client_post_data = request.json
    if client_post_data:
        event = client_post_data.get('event')
        event_detail = client_post_data.get('event_detail')
        if event == 'ospf' and event_detail == 'ospf down':
            if client_post_data.get('interface') == 'GigabitEthernet2':
                return {'event': 'ospf', 'cmd': "configure terminal ; interface GigabitEthernet 1 ; shutdown"}

        elif event == 'ospf' and event_detail == 'ospf up':
            if client_post_data.get('interface') == 'GigabitEthernet2':
                return {'event': 'ospf', 'cmd': "configure terminal ; interface GigabitEthernet 1 ; no shutdown"}
        else:
            return {'error', 'no jason data'}


run(host="0.0.0.0", port=8000, debug=True)
8.guestshell编辑两个eem调用的request文件
eem_jason_rpc_client_up.py 内容如下:
import requests
from cli import cli
import sys

r = requests.post('http://20.1.1.1:8000/eem',
                  json={'event': 'ospf', 'event_detail': 'ospf up', 'interface': sys.argv[1]})
result_cmd = r.json().get('cmd')
output = cli(result_cmd)
print(output)
②eem_jason_rpc_client_down.py 内容如下:
import requests
from cli import cli
import sys

r = requests.post('http://20.1.1.1:8000/eem',
                  json={'event': 'ospf', 'event_detail': 'ospf down', 'interface': sys.argv[1]})
result_cmd = r.json().get('cmd')
output = cli(result_cmd)
print(output)
9.后台方式运行eemflask.py

[guestshell@guestshell ~]$ python eemflask.py &

四.验证效果
1.在R2上确定ospf邻居关系已经建立
R2#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
10.10.10.10       1   FULL/BDR        00:00:39    10.1.1.10       Ethernet0/0
R2#        
2.R2上shutdown   Ethernet0/0接口等待一段时间再no shutdown该接口

3.在csr1000v上面能看到自动shutdown 和no shutdown g1接口的日志

入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区: