I was playing around with the onePK VM yesterday when I noticed something a little interesting, well, OK, it was all interesting, but something really stood out:
When you launch the nodes it looks like it uses a file with a .virl extension!
So it looks like onePK shares some of its code with ViRL (or to call it by its official name, CML). We can dig a little deeper into the virl file and have a little poke about. I haven't seen much about it since I last wrote about it, so it'll be nice to get a little taster of what is to come.
From an SSH connection (if you have given the onePK VM an IP on your network you can do "sudo apt-get install openssh-server"), simply cd through to /usr/share/vmcloud/data/examples/3node/ and do "vi 3node.virl".
.virl files
What we are presented with is a bunch of XML, and if you have read anything about ViRL/CML then you'll know that it uses XML to share configuration data. The first line gives us a little insight that there is a schema for CML, and specifically for the vmmaestro GUI interface (the last line):
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<topology xmlns="http://www.cisco.com/VIRL"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    schemaVersion="0.3"
    xsi:schemaLocation="http://www.cisco.com/VIRL http://cide.cisco.com/vmmaestro/schema/virl.xsd">
Next we have the node information, one for each of our routers, but I am only showing one example here:
<node name="router1" type="SIMPLE" subtype="vios" location="188,263" vmImage="/usr/share/vmcloud/data/images/vios.ova">
<extensions>
<entry key="bootstrap configuration" type="String">/usr/share/vmcloud/data/examples/3node/router1.con</entry>
<entry key="import files" type="String">/home/cisco/vmcloud-example-networks/3node/router1.p12</entry>
</extensions>
<interface name="GigabitEthernet0/0"/>
<interface name="GigabitEthernet0/1"/>
<interface name="GigabitEthernet0/2"/>
<interface name="GigabitEthernet0/3"/>
</node>
Interestingly, because the IOSv routers used in onePK come in an ova format, it might be possible to run these as standalone VirtualBox routers, or even bring them into GNS3. I might have a play with that later on! Don't try and cat the .p12 file, it's not humanly readable.
Each router has a bootstrap configuration, in the form of a .con file, so we'll look at those in a moment.
We then have another node, which looks to be our management communication - to allow us access to the routers:
<node name="vmc_lan_1" type="SEGMENT" location="374,520"/>
<node name="eth1" type="ASSET" location="671,235">
<interface name="none0"/>
<interface name="none1"/>
</node>
Lastly we have our physical connection information, followed by the closing topology brackets:
<node name="lan_ex" type="SEGMENT" location="722,161"/>
<connection src="/topology/node[1]/interface[1]" dst="/topology/node[2]/interface[1]"/>
<connection src="/topology/node[1]/interface[2]" dst="/topology/node[3]/interface[1]"/>
<connection src="/topology/node[1]/interface[3]" dst="/topology/node[4]"/>
<connection src="/topology/node[2]/interface[2]" dst="/topology/node[4]"/>
<connection src="/topology/node[3]/interface[2]" dst="/topology/node[4]"/>
<connection src="/topology/node[3]/interface[3]" dst="/topology/node[6]"/>
<connection src="/topology/node[5]/interface[1]" dst="/topology/node[6]"/>
<connection src="/topology/node[1]/interface[4]" dst="/topology/node[6]"/>
<connection src="/topology/node[2]/interface[3]" dst="/topology/node[5]/interface[2]"/>
</topology>
So we should be able to see that node 1 connects to nodes 2 and 3 through its first and second interfaces - GigabitEthernet0/0 and GigabitEthernet0/1 respectively, and from the router, that certainly seems to be the case:
Reachability is also good:
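The src and dst paths are positional: node[1] is the first node element in the file and interface[2] is its second interface. As an added example (not part of the original post and not vmcloud's own code), the Python below resolves each path to names and rejects any path that points past the last node or interface. The router2 and router3 entries and their interface lists are assumed, since only router1 is shown above.

```python
import re
import xml.etree.ElementTree as ET

NS = {"v": "http://www.cisco.com/VIRL"}  # default namespace of <topology>
PATH = re.compile(r"^/topology/node\[(\d+)\](?:/interface\[(\d+)\])?$")
GIG = [f"GigabitEthernet0/{n}" for n in range(4)]

def make_node(name, kind, ifaces=()):
    inner = "".join(f'<interface name="{i}"/>' for i in ifaces)
    return f'<node name="{name}" type="{kind}">{inner}</node>'

# Constructed sample: router1, vmc_lan_1, eth1, lan_ex and the paths are from
# the excerpts above; router2/router3 and their interfaces are assumed.
NODES = [make_node("router1", "SIMPLE", GIG), make_node("router2", "SIMPLE", GIG),
         make_node("router3", "SIMPLE", GIG), make_node("vmc_lan_1", "SEGMENT"),
         make_node("eth1", "ASSET", ["none0", "none1"]), make_node("lan_ex", "SEGMENT")]
LINKS = [("/topology/node[1]/interface[1]", "/topology/node[2]/interface[1]"),
         ("/topology/node[1]/interface[2]", "/topology/node[3]/interface[1]"),
         ("/topology/node[1]/interface[3]", "/topology/node[4]"),
         ("/topology/node[2]/interface[3]", "/topology/node[5]/interface[2]")]
SAMPLE_VIRL = ('<topology xmlns="http://www.cisco.com/VIRL">' + "".join(NODES)
               + "".join(f'<connection src="{s}" dst="{d}"/>' for s, d in LINKS)
               + "</topology>")

def resolve(nodes, path):
    """Map a positional path to 'node' or 'node:interface' (indices are 1-based)."""
    m = PATH.match(path)
    if not m:
        raise ValueError(f"unexpected path syntax: {path!r}")
    node_idx, if_idx = int(m.group(1)), m.group(2)
    if not 1 <= node_idx <= len(nodes):
        raise ValueError(f"{path!r} points past the last node")
    node = nodes[node_idx - 1]
    if if_idx is None:          # SEGMENT nodes are referenced without an interface
        return node.get("name")
    ifaces = node.findall("v:interface", NS)
    if not 1 <= int(if_idx) <= len(ifaces):
        raise ValueError(f"{path!r} points past the last interface")
    return f'{node.get("name")}:{ifaces[int(if_idx) - 1].get("name")}'

def links(virl_text):
    root = ET.fromstring(virl_text)
    nodes = root.findall("v:node", NS)  # document order matches node[n]
    return [(resolve(nodes, c.get("src")), resolve(nodes, c.get("dst")))
            for c in root.findall("v:connection", NS)]

if __name__ == "__main__":
    for src, dst in links(SAMPLE_VIRL):
        print(f"{src} <-> {dst}")
```

Because the references are by position rather than by name, inserting or reordering a node silently re-targets every later connection, which is why the range checks are worth keeping when editing a .virl file by hand.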
.con files
Looking at the router1.con file it is pretty standard Cisco configuration, I have removed extra exclamation marks though to make it a bit shorter:
cisco@onepk:/usr/share/vmcloud/data/examples/3node$ cat router1.con
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
ip cef
no ipv6 cef
ipv6 multicast rpf use-bgp
!
multilink bundle-name authenticated
!
username CISCOUSERNAME privilege 15 password 0 CISCOPASSWORD
!
redundancy
!
interface GigabitEthernet0/0
 ip address 10.10.20.110 255.255.255.0
 duplex auto
 speed auto
 no shutdown
!
interface GigabitEthernet0/1
 ip address 10.10.30.110 255.255.255.0
 no shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 ip address 10.10.10.110 255.255.255.0
 no shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet0/3
 ip address dhcp
 no shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
banner exec ^C
************************************************************************
*vIOS - Cisco Systems Confidential                                     *
*                                                                      *
*This software is provided as is without warranty for internal         *
*development and testing purposes only under the terms of the Cisco    *
*onePK Software Development Kit License Agreement. Under no            *
*circumstances may this software be used for production purposes or    *
*deployed in a production environment.                                 *
*                                                                      *
*By using the software, you agree to abide by the terms and conditions *
*of the Cisco onePK Software Development Kit License Agreement as well *
*as the terms and conditions of the Cisco End User License Agreement at*
*http://www.cisco.com/go/eula                                          *
*                                                                      *
*Unauthorized use or distribution of this software is expressly        *
*Prohibited.                                                           *
************************************************************************
^C
banner incoming ^C
************************************************************************
*vIOS - Cisco Systems Confidential                                     *
*                                                                      *
*This software is provided as is without warranty for internal         *
*development and testing purposes only under the terms of the Cisco    *
*onePK Software Development Kit License Agreement. Under no            *
*circumstances may this software be used for production purposes or    *
*deployed in a production environment.                                 *
*                                                                      *
*By using the software, you agree to abide by the terms and conditions *
*of the Cisco onePK Software Development Kit License Agreement as well *
*as the terms and conditions of the Cisco End User License Agreement at*
*http://www.cisco.com/go/eula                                          *
*                                                                      *
*Unauthorized use or distribution of this software is expressly        *
*Prohibited.                                                           *
************************************************************************
^C
banner login ^C
************************************************************************
*vIOS - Cisco Systems Confidential                                     *
*                                                                      *
*This software is provided as is without warranty for internal         *
*development and testing purposes only under the terms of the Cisco    *
*onePK Software Development Kit License Agreement. Under no            *
*circumstances may this software be used for production purposes or    *
*deployed in a production environment.                                 *
*                                                                      *
*By using the software, you agree to abide by the terms and conditions *
*of the Cisco onePK Software Development Kit License Agreement as well *
*as the terms and conditions of the Cisco End User License Agreement at*
*http://www.cisco.com/go/eula                                          *
*                                                                      *
*Unauthorized use or distribution of this software is expressly        *
*Prohibited.                                                           *
************************************************************************
^C
!
line con 0
line aux 0
line vty 0 4
 transport input all
!
onep
 transport type tls localcert demoTP disable-remotecert-validation
 start
!
! IOS PKI will fail to import the tftp file if we attempt this before
! the config has been fully applied. So if we just do:
! crypto pki import demoTP pkcs12 [location] [etc...]
! We would see something similar to this in the boot log:
! *Nov 29 19:27:32.415: CRYPTO_PKI: Copying pkcs12 from flash1://bootstrap_admin.con
! *Nov 29 19:27:32.492: %PKI-6-PKCS12IMPORT_FAIL: PKCS #12 Import Failed.
! Therefore we use a short delay before loading the pkcs12 file:
!
event manager applet load_identity
 event timer countdown name Delay time 20
 action 0.0 cli command "enable"
 action 1.0 cli command "config terminal"
 action 2.0 cli command "file prompt quiet"
 action 3.0 cli command "crypto pki import demoTP pkcs12 flash2://router1.p12 password NOTsecure"
 action 4.0 syslog msg "Loaded bootstrap identity certificate"
!
end
Pretty cool stuff really, and it looks like when CML is finally released configuration will not be too hard, even without the fancy GUI! I am rather liking this onePK!
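The router1.con bootstrap file above carries several lab-only settings that should be caught before a config like it is copied anywhere else: password encryption switched off, a type 0 (clear-text) user password, all vty transports allowed, the onep TLS transport with remote certificate validation disabled, and the PKCS#12 passphrase written inline in the EEM applet. As an added example (not part of the original post and not vmcloud's own code), the Python below flags those lines in a .con file and redacts the secrets in its own report. The rule names and the trimmed, indented sample are constructed here.

```python
import re

RULES = [  # (rule id, pattern applied to one stripped config line)
    # passwords are kept in the config exactly as typed
    ("password-encryption-off", re.compile(r"^no service password-encryption$")),
    # "password 0" marks an unencrypted user password
    ("type0-user-password", re.compile(r"^username \S+ .*\bpassword 0 \S+")),
    # every transport is accepted on the vty lines, Telnet included
    ("vty-transport-all", re.compile(r"^transport input all$")),
    # the onep TLS transport does not validate the remote certificate
    ("onep-remote-cert-unchecked", re.compile(r"\bdisable-remotecert-validation\b")),
    # the key bundle's passphrase sits next to the bundle's path
    ("inline-pkcs12-passphrase", re.compile(r"\bpkcs12 \S+ password \S+")),
]
SECRET = re.compile(r"(\bpassword (?:\d+ )?)[^\s\"]+")

# Constructed sample: lines taken from router1.con as shown above, trimmed.
SAMPLE_CON = """\
no service password-encryption
username CISCOUSERNAME privilege 15 password 0 CISCOPASSWORD
line vty 0 4
 transport input all
onep
 transport type tls localcert demoTP disable-remotecert-validation
! crypto pki import demoTP pkcs12 [location] [etc...]
event manager applet load_identity
 action 3.0 cli command "crypto pki import demoTP pkcs12 flash2://router1.p12 password NOTsecure"
"""

def audit(text):
    """Return (line number, rule id, enclosing section, redacted line) tuples."""
    findings, section = [], None
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("!"):   # skip blanks and IOS comments
            continue
        if not raw.startswith(" "):            # unindented line opens a section
            section = line
        for rule_id, pattern in RULES:
            if pattern.search(line):
                redacted = SECRET.sub(r"\1<redacted>", line)
                findings.append((number, rule_id, section, redacted))
    return findings

if __name__ == "__main__":
    for number, rule_id, section, line in audit(SAMPLE_CON):
        print(f"{number:>3}  {rule_id:<28} [{section}]  {line}")
```

Section tracking relies on sub-commands being indented, as they are in a saved IOS configuration.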
4 comments
Where exactly is vios located and what extension does it have?
Can we put some ios at that location?
It's located here: /usr/share/vmcloud/data/images/vios.ova
I don't know if you can add your own images to it.
Hi
Many thanks for this post. It helps us spot where we have unintentionally confused things a little :-)
The technology that is used to run the 3 node IOSv network on the onePK All-in-One VM (AiO) is not VIRL as described in my post here:
https://blogs.cisco.com/getyourbuildon/virl-saves-the-day/
What we use on the AiO is a set of scripts called "vmcloud". The vmcloud tool is specifically designed for a low memory footprint environment so that the AiO can be used on laptops with 4GB. That makes it easier for most people to be able to try out the onePK technology with the AiO. The vmcloud technology is only used for IOSv based networks in the context of evaluating onePK.
The version of IOSv on the AiO is intended for evaluation purposes also, and is not intended to be a production grade router substitute.
Regards
Nathan
Hi Nathan
Thanks for the clarification.
Can I get a copy of CML now?? :)
Thanks
Stuart