Download Cloud Services Router 1000V

[ramogundogdu]

Thanks for the nice tutorial @rchidana

If I try to download the Software I get fallowing error:

Does this software cost? How can I get the trial version?

[rchidana]

Hello,

CISCO keep changing their license and when I last checked, there was a trial version of CSR 1000V that was available for download but you would need to register yourself on their portal. Attached is the document that I could find : https://www.cisco.com/c/dam/en/us/products/collateral/routers/cloud-services-router-1000v-series/sales-tool-c96-730727.pdf

There was also one AMI image available on AWS, if you have an AWS account, you can check that as well.

Hope this helps.

[ramogundogdu]

I also created an ec2 instance (CSR 1000V) on aws and logged in via putty . That's working. Unfortunately, I cannot do this using Ansible to log in on to the CSR router. I have implemented the following example:

hosts:

[CSR_Routers]
CSR-01 ansible_host = my-ec2-public-dns

playbook, wich should make a backup of the router config:

---
- hosts: CSR-01
  gather_facts: true
  connection: ssh

  tasks:
   - name: show run
     ios_command:
       commands:
         - show run
       host: "{{ansible_host}}"
       local_action: shell ssh -i "/home/user/my-ssh-key-pair.pem" ec2-user@{{ansible_host}} "echo success"
     register: config

   - name: save output to / etc / ansible / backups
     copy:
       content: "{{config.stdout [0]}}"
       least: "/ etc / ansible / backups / show_run _ {{inventory_hostname}}. txt"

then I get the connection error:

fatal: [CSR-01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: root@my-ec2-public-dns: Permission denied (publickey, keyboard-interactive, password).", "unreachable" : true}

my ansible version 2.9.7

What can be the problem?

[rchidana]

My recommendation is to first check your ANSIBLE -> CSR configuration by running a simple ANSIBLE adhoc command with lots of debug information (-vvv flag)

ansible CSR_Routers -m raw -a "show clock" -vvv

This will spit out a bunch of debug information in the logs and this can help you debug.

Please check if AWS allows SSH key-less access (if not, look at ansible_ssh_private_key_file configuration), if your user on ANSIBLE device is indeed "root" and if few of the other configurations in /etc/ansible/ansible.cfg is correctly set (as shown in my video).

Hope this helps.

[ramogundogdu]

The commands ansible CSR_Routers -m raw -a "show clock" -vvv shows the time of the Router as follows:

ansible 2.9.7
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.16 (default, Oct 10 2019, 22:02:15) [GCC 8.3.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
META: ran handlers
<my-ec2-public-dns> ESTABLISH SSH CONNECTION FOR USER: ec2-user
<my-ec2-public-dns> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/usr/my-ssh-key-pair.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ec2-user"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/8eab188f0e -tt my-ec2-public-dns 'show clock'
<my-ec2-public-dns> (0, '\r\n\r\n\r\n*14:57:14.061 UTC Mon May 4 2020', 'Shared connection to my-ec2-public-dns closed.\r\n')
CSR-01 | CHANGED | rc=0 >>

*14:57:14.061 UTC Mon May 4 2020Shared connection to my-ec2-public-dns closed.

META: ran handlers
META: ran handlers

the other ansible commands also ansible csr -m raw "show version" -vvv and ansible csr -m raw "show interfaces" -vvv works also.

but my playbook (see above) prints still the following new error:

PLAY [CSR-01] *******************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
[WARNING]: Unhandled error in Python interpreter discovery for host CSR-01: unexpected output from Python interpreter discovery
[WARNING]: sftp transfer mechanism failed on [my-ec2-public-dns]. Use ANSIBLE_DEBUG=1 to see detailed information
fatal: [CSR-01]: FAILED! => {"ansible_facts": {}, "changed": false, "failed_modules": {"setup": {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "failed": true, "module_stderr": "Shared connection to my-ec2-public-dns closed.\r\n", "module_stdout": "\r\n\r\n\r\nLine has invalid autocommand \"/bin/sh -c '/usr/bin/python '\"'\"'Line has invalid autocommand \"/bin/sh -c '\"'\"'\"'\"'\"'\"'\"'\"'( umask 77 && mkdir -p \"` echo Line has invalid autocommand \"/bin/sh -c '\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'\"'echo ~ec2-user && sleep 0'\"'\"'\"'\"'\"'\"'\"\"", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 0, "warnings": ["Platform unknown on host CSR-01 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information."]}}, "msg": "The following modules failed to execute: setup\n"}

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
CSR-01                     : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

[rchidana]

Great...adhoc commands working well signifies that your ANSIBLE configuration is working perfectly well. From now on, there would be lots of device specific challenges which you will run into and to name a few from the top of the list - Python version mismatch scenarios, specific ANSIBLE modules not being supported by the Device version that you run, incompatibility between ANSIBLE, Python & CISCO device etc

From your error, it looks like you have not enabled sftp on the device - "sftp transfer mechanism failed on [my-ec2-public-dns]". Any Python module or a Playbook will SFTP a small piece of Python code onto the controlled device (CSRV in this case) and try to execute it.

Hope this helps.