In k8s we have two probes that are used to monitor the health and availability of a container, readiness and liveness probes. This post shows some examples on how to use them. The post will hopefully interest you in trying to take advantage of those probes when running NSO in k8s.
The more you can check in your liveness probe, the more certain you can be that NSO is actually up and running and does what it should.
NOTE, the actions in the example are toy examples, but hopefully they'll set you off with some ideas on how you can create readiness and most importantly a good liveness probe for your system. The liveness probe could in theory do a number of things, including touching devices.
The readiness probe determines when a container is ready for service. NSO can sometimes take some time before it's ready for service.
See the k8s-liveness-readiness/is-ready.sh script. It first checks if NSO is started at all, if that succeeds, the script calls a simple action (/k8s/ready).
Please see k8s-liveness-readiness/lr-test/python/lr_test/main.py
After the container has been running for a while, we need to make sure it's still alive. This is also done using an action (/k8s/alive). The example action simply creates a config transaction and writes a leaf (/k8s/last-live-check), this is to test that we can successfully commit a configuration transaction.
To run the examples, please see instructions below.
You'll need to build the NSO system install base image. This is a somewhat minimized image that installs NSO.
Please note that you need to supply your own NSO installer binary and modify the Makefile for a correct container name. See the CONTAINER and VER variables in nso-system-install-base/Makefile.
make image push
Once you have managed to build the base image, you can move on to the example.
Shelly Cadora wrote a blog post about rolling out Segment Routing in an LDP/ISIS network a while ago - apologies - should have posted here earlier... This is also a great post about network automation using NSO in general.
Hi all,we are building a service for deploying a VRF across the entire network in one go.the VRF services instance will be applied to many devices and many device types, the template has sections for IOS, XR and NXthe issue we are having is that we are us...
Hi, In NSO I can configure hard-coded accounts and password to connect to devices (authgroups).If I do not want that (our security team does not like that) and instead I have to to keep device passwords in a system like HashiCorp Vault, how can ...
Is there a simple way to map NSO CLI commands to the equivalent path in JSONRPC? I'm specifically looking to be able to do "devices device compare-config" and "devices sync-to dry-run" through Ansible's nso_actions module, but details on how to map to oth...
For spawning a VNF, we updated the nfvo vnf-info configuration with the day0 destination path and also defined variables to inject within the day0 file. But, though the VNF is spawned successfully and active, we are unable to login to the ...