In k8s we have two probes that are used to monitor the health and availability of a container, readiness and liveness probes. This post shows some examples on how to use them. The post will hopefully interest you in trying to take advantage of those probes when running NSO in k8s.
The more you can check in your liveness probe, the more certain you can be that NSO is actually up and running and does what it should.
NOTE, the actions in the example are toy examples, but hopefully they'll set you off with some ideas on how you can create readiness and most importantly a good liveness probe for your system. The liveness probe could in theory do a number of things, including touching devices.
The readiness probe determines when a container is ready for service. NSO can sometimes take some time before it's ready for service.
See the k8s-liveness-readiness/is-ready.sh script. It first checks if NSO is started at all, if that succeeds, the script calls a simple action (/k8s/ready).
Please see k8s-liveness-readiness/lr-test/python/lr_test/main.py
After the container has been running for a while, we need to make sure it's still alive. This is also done using an action (/k8s/alive). The example action simply creates a config transaction and writes a leaf (/k8s/last-live-check), this is to test that we can successfully commit a configuration transaction.
To run the examples, please see instructions below.
You'll need to build the NSO system install base image. This is a somewhat minimized image that installs NSO.
Please note that you need to supply your own NSO installer binary and modify the Makefile for a correct container name. See the CONTAINER and VER variables in nso-system-install-base/Makefile.
make image push
Once you have managed to build the base image, you can move on to the example.
We have a service that adds a configuration to a device, like in the following example: devices device XXconfigcisco-ios-xr:router bgp 65000address-family ipv4-unicastexitexit! We need that if an operator manually (thru NSO) adds config in a sub...
Is there a document or reference to know how secure is NSO and what are the security features it supports? We need to verify this to meet our PSB security requirements for our product. Any help is greatly appreciated.
I am trying to configure the NSO in the lab NSO Fundamentals, but I get stuck when I add the device edge-sw01. When I follow the steps one off the commands isn't recognized. This are the steps what on the site is writen: devices device edge...
How can I (dynamically) create resource pools that assign resources on a per-device basis? Basically, I'd like to generate a pool for every device that assigns an index to some of the device's interfaces. The following will re-use the same indexes fo...