cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1277
Views
0
Helpful
11
Replies

NSO service deployed on a device not reflected

Geethanjali
Cisco Employee
Cisco Employee

Hi,

I have created a simple template service (XML + YANG) for configuring loopback interface in a device. I was able to successfully create the service and deploy it in NSO. But when i apply this service to a device though the commit step is successful i do not see the loopback interface configured in the device.

 

Below is the device settings

 

admin@ncs% show devices device router-ios-1
address   10.78.241.213;
port      22;
ssh {
    host-key ssh-rsa {
        key-data "AAAAB3NzaC1yc2EAAAADAQABAAAAgQC3rapN+QASQlIXL+nBy8ZnOvS3Ivh+QRua9kH5AZAq\ndPtmHvJz3ohreJxQISFzPinMCshhOfZdRFJmInoDKZc6rOrhSjwbLOv78FkGEnHwR43Hi7OS\nrXlZZRMjvSriIMTt7xnBpHYQVkGcF1GrjXzH/197OolMppyINCu5URM93w==";
    }
}
authgroup mygroup;
device-type {
    cli {
        ned-id   cisco-ios;
        protocol ssh;
    }
}
ned-settings {
    cisco-ios {
        connection {
            number-of-retries  2;
            time-between-retry 5;
            prompt-timeout     15000;
            send-login-newline true;
        }
        proxy {
            remote-connection         telnet;
            remote-address            192.168.250.1;
            remote-port               2066;
            remote-command            R1;
            remote-name               admin;
            remote-password           $8$LMvw1+gRkRyr3uNHFlMlCBkpvVBza5hpeXAbwR6+Gtw=;
            remote-secondary-password $8$cMrB6I/W/RwucQVoYY5d5Sin8r3n/jSgzrK6onCDy9s=;
            proxy-prompt              "#";
            proxy-prompt2             .*;
        }
    }
}

 

Below is my service push step on the device.

 

admin@ncs(config)# services IGP-test service1 device router-ios-1 loopback-interface 3 ip-address 10.10.10.10 ip-mask 255.255.255.0
admin@ncs(config-IGP-test-service1)# commit dry-run outformat xml
result-xml {
    local-node {
        data <services xmlns="http://tail-f.com/ns/ncs">
               <IGP-test xmlns="http://com/example/IGPtest">
                 <name>service1</name>
                 <device>router-ios-1</device>
                 <loopback-interface>3</loopback-interface>
                 <ip-address>10.10.10.10</ip-address>
                 <ip-mask>255.255.255.0</ip-mask>
               </IGP-test>
             </services>
    }
}
admin@ncs(config-IGP-test-service1)# commit
Commit complete.

 

Below is the device config page viewed from NSO UI. I dont see the committed loopback service reflected here though commit is successful

 

image.png

11 Replies 11

yfherzog
Cisco Employee
Cisco Employee

I think your mapping logic is not working as you expected, as you don't see any device configs on the dry-run.

Your dry-run only shows the changes on the service inputs. It should also show the service outcomes if there are any. In your case, it seems as you'd expect device configs there as well, and there are none.

 

Debug your XML template with 'commit dry-run outformat ...  | debug template' to see what's not working.

It might also be that the config is already present - a service will not overwrite existing configuration. You can try doing commit dry-run | debug service (or |debug template) for more information.

OK, I went back to recheck the template. I am running this for a Cisco IOS device and i have installed the production ios ned. When i run the below command to generate the template skeleton i see that beyond Loopback it does not provide ip address or mask parameters. Ideally it is supposed to allow ip address and mask which when i provide i can get the structure of template xml by executing commit dry run command. This template xml i will put in my service package and replace the placeholders. But why is this command not showing me the ip address and mask option

admin@ncs(config)# devices device router-ios-1 config ios:interface Loopback
Possible completions:
<0-2147483647> Loopback interface number
0
123
---
range
admin@ncs(config)# devices device router-ios-1 config ios:interface Loopback 123
Possible completions:
<cr>

Once you press enter, you'd have the auto-complete for those commands.

 

ok, now am able to get loopback template.

The issue am facing now is that my service is reflecting in terminal server and not in the actual device. I have a router accessed via terminal server. This terminal server is connected to NSO and i have set the NED proxy settings pointing to the actual device (router). Below are the settings.

 

So the expectation is that any service that i push to this terminal server should be reflected on the router. But what i see is that all service that i push to this device reflects on the terminal server and not the router. Am I missing any settings or there needs to be additional configuration parameters in the service that I developed to instruct NSO to push it to the connected router? Even in the NSO UI when i click on this device the details i see is pertaining to the terminal server.

 

admin@ncs% show devices device router-ios-1
address 10.78.241.213;
port 22;
ssh {
host-key ssh-rsa {
key-data "AAAAB3NzaC1yc2EAAAADAQABAAAAgQC3rapN+QASQlIXL+nBy8ZnOvS3Ivh+QRua9kH5AZAq\ndPtmHvJz3ohreJxQISFzPinMCshhOfZdRFJmInoDKZc6rOrhSjwbLOv78FkGEnHwR43Hi7OS\nrXlZZRMjvSriIMTt7xnBpHYQVkGcF1GrjXzH/197OolMppyINCu5URM93w==";
}
}
authgroup mygroup;
device-type {
cli {
ned-id cisco-ios;
protocol ssh;
}
}
ned-settings {
cisco-ios {
connection {
number-of-retries 2;
time-between-retry 5;
prompt-timeout 15000;
send-login-newline true;
}
proxy {
remote-connection telnet;
remote-address 192.168.250.1;
remote-port 2066;
remote-name admin;
remote-password $8$8+P+i2mA6lAladFTy+dWqYdtP2ldCaygMZHQEn4QNOY=;
proxy-prompt "#";
proxy-prompt2 .*;
}
}
}

 
  •  
 
 

any inputs/pointers pls?

I have never tried it. But, turn on the device trace (set devices global-settings trace raw) and see what it says in the log. 

I tried trace raw and see the below. Not sure why it says not_found for remote connection though i have set it to telnet

 

12-Feb-2019::10:16:18.890 result: /devices/device[name='router-ios-1']/ned-settings: true
12-Feb-2019::10:16:18.894 evaluating: /devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-address: not (../remote-connection='exec')
get_elem(/devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-connection) = not_found
12-Feb-2019::10:16:18.895 result: /devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-address: true
12-Feb-2019::10:16:18.895 evaluating: /devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-prompt: ../remote-connection='exec'
get_elem(/devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-connection) = not_found
12-Feb-2019::10:16:18.897 result: /devices/device[name='router-ios-1']/ned-settings/cisco-ios-meta:cisco-ios/proxy/remote-prompt: false
12-Feb-2019::10:16:37.059 evaluating: /devices/device[name='router-ios-1']/ned-settings: ../ncs:device-type/ncs:cli/ncs:ned-id = 'ios-id:cisco-ios'
exists(/devices/device[name='router-ios-1']/device-type/cli) = true

 

my settings

 

authgroup mygroup;
device-type {
cli {
ned-id cisco-ios;
protocol ssh;
}
}
ned-settings {
cisco-ios {
connection {
number-of-retries 2;
time-between-retry 5;
prompt-timeout 15000;
send-login-newline true;
}
proxy {
remote-connection telnet;
remote-address 192.168.250.1;
remote-port 2066;
remote-name admin;
remote-password $8$8+P+i2mA6lAladFTy+dWqYdtP2ldCaygMZHQEn4QNOY=;
proxy-prompt "#";
proxy-prompt2 .*;
}
}
}

I am afraid that I have no idea, I have never used proxies like that, unless someone else knows you might have to raise a ticket.

Thank you Viktor. Since am new to NSO do you know any links/docs that talk how to raise a ticket on NSO team?

For customers (or Cisco internal users working on a customer project) tickets are raised through TAC, using the entitlement that is being worked on.

Cisco internal users not working on a customer project needs to make a different arrangement. Please see the Cisco internal NSO field portal on employee communities for details and contacts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community:

Recognize Your Peers