CISCO Nexus 7000 Series Switches Open Agent Container Instruction Manual
- June 15, 2024
- Cisco
Table of Contents
- Nexus 7000 Series Switches Open Agent Container
- Product Information
- Specifications
- Feature History
- Feature Information
- Enabling OAC on your Switch
- Connecting to the Open Agent Container
- FAQ
- Q: What platforms are supported by Open Agent Container?
- Q: How much RAM and bootflash does OAC occupy when
- Q: Is OAC still supported?
Nexus 7000 Series Switches Open Agent Container
Product Information
Specifications
-
Product Name: Open Agent Container (OAC)
-
Supported Platforms: Cisco Nexus 7000 Series Switches and Cisco
Nexus 7700 Switches -
Operating System: 32-bit CentOS 6.7
-
RAM Usage: Up to 256 MB
-
Bootflash Usage: Up to 400 MB
Feature History
| Feature Name | Releases |
|---|---|
| Open Agent Container (OAC) | 8.4(1) |
| Open Agent Container (OAC) 7.3(0)D1(1) | 7.3(0)D1(1) |
Feature Information
This feature is deprecated. The use of virtual-service commands
will result in notifications about the deprecation.
Enabling OAC on your Switch
To enable OAC on your switch, follow these steps:
-
1. Add a virtual environment to the device:
switch# virtual-service name virtual-service-name package package-location-mediaNote: The package location media can be bootflash or any other
media, including a USB device.
-
1. Use the show virtual-service list command to view the progressof the installation. After the installation is complete, a message
will be displayed on the console informing you about the successful
installation of the virtual service. -
Return to privileged EXEC mode:
switch(config-virt-serv)# endConnecting to the Open Agent Container
To connect to the Open Agent Container, follow these steps:
-
1. Install and activate the OAC in your Cisco NX-OS device:
switch# virtual-service install name oac package bootflash:oac.ova
switch# configure terminal
switch(config)# feature nxapi
switch(config)# virtual-service oac
switch(config-virt-serv)# activate
switch(config-virt-serv)# end-
1. Verify the installation by using the show virtual-servicedetail command to display the details of the installed and
configured virtual service:
switch# show virtual-service detailFAQ
Q: What platforms are supported by Open Agent Container?
A: Open Agent Container is supported on Cisco Nexus 7000 Series
Switches and Cisco Nexus 7700 Switches.
Q: How much RAM and bootflash does OAC occupy when
enabled?
A: OAC occupies up to 256 MB of RAM and 400 MB of bootflash when
enabled.
Q: Is OAC still supported?
A: No, this feature is deprecated. The use of virtual-service
commands will result in notifications about the deprecation.
Open Agent Container
· Open Agent Container (OAC), on page 1
Open Agent Container (OAC)
This chapter explains the Open Agent Container (OAC) environment and its
installation in Cisco Nexus 7000 Series Switches. OAC is a 32-bit CentOS
6.7-based container that specifically allows open agents, such as the Puppet
to run on these platforms.
Feature History for the Open Agent Container
This table lists the release history for this feature.
Table 1: Feature History for Open Agent Container
Feature Name Open Agent Container (OAC)
Releases 8.4(1)
Open Agent Container (OAC) 7.3(0)D1(1)
Feature Information
This feature is deprecated. Use of the virtual-service commands result in
notifications about the deprecation.
This feature was introduced in the Cisco Nexus 7000 Series Switches and Cisco
Nexus 7700 Switches.
The following commands were introduced or modified: virtual-service, virtual-
service connect, virtual-service install, virtual-service uninstall, virtual-
service upgrade, show virtual-service list, and show virtual-service detail.
Open Agent Container 1
Information About Open Agent Container
Open Agent Container
Information About Open Agent Container
Beginning with Cisco NX-OS Release 8.4(1), the Open Agent Container support is
deprecated. This featue was added in the Cisco NX-OS Release 7.3(0)D1(1) with
the purpose of providing and execution space for configuration management. It
is recommended to use agent-less configuration management systems such as
Puppet or Ansible with the Cisco Nexus 7000 Series switches. Open agents
cannot be directly installed on these platforms. Instead, they run in a
special environment–a decoupled execution space within a Linux Container
(LXC)–called the Open Agent Container (OAC). Decoupling the execution space
from the native host system allows customization of the Linux environment to
suit the requirements of the applications without impacting the host system or
applications running in other Linux containers. The OAC is a 32-bit CentOS
6.7-based environment that provides a server-like experience to users. This
means that after installation and first activation, users are responsible for
setting up the DNS information in the /etc/resolv.conf or providing host
information in the /etc/hosts, etc. as is done on any regular Linux system.
Note At a given point in time, OAC is supported in only one VDC.
By default, networking in the OAC is performed in the default routing table
instance. Any additional route that is required (for example, a default route)
must be configured in the native switch console and should not be configured
using the CentOS commands. To use a different routing instance (for example,
the management VRF), use the following commands: To get a bash shell in the
management VRF, run the chvrf management command. To pass the VRF context to
the specific command without changing the VRF instance in the shell, run the
chvrf management cmd command.
Note The OAC occupies up to 256 MB of RAM and 400 MB of bootflash when
enabled.
From within the OAC, the network administrator can perform the following
functions: · Access the network over Linux network interfaces. · Access the
device’s volatile tmpfs. · Access the device CLI using the dohost command. ·
Access Cisco NX-API. · Install and run Python scripts. · Install and run
32-bit Linux applications.
Open Agent Container 2
Open Agent Container
Enabling OAC on your Switch
Enabling OAC on your Switch
Installing and Activating Open Agent Container
The Open Agent Container (OAC) application software is packaged into a file
with a .ova extension (OVA file, which will be hosted at the same location as
the Cisco NX-OS images in the CCO directory and on GitHub). This package must
first be copied to a location on the device using the copy scp:: command
before it is installed on the device. The install keyword extracts the OVA
file, validates the contents of the file, creates a virtual service instance,
and validates the virtual machine definition file in XML. You do not have to
copy configurations to the startup configuration file of the device to
preserve the installation of the OVA file. After you download the oac.ova file
to your device, install and activate the OAC. You can install a different OVA
file on the active and standby route processors. To install and activate OAC
on your device, perform the following.
Step 1
Step 2 Step 3 Step 4 Step 5 Step 6
Add a virtual environment to the device: switch# virtual-service name virtual-
service-name package package-location-media Note The media in which the
package is located can be bootflash or any media, including a USB device.
Note Use the show virtual-service list command to view the progress of the
installation. After the installation is complete, a message is displayed on
the console informing you about the successful installation of the virtual
service.
After the installation is complete, enter global configuration mode and
activate the virtual service: switch# configure terminal Enable the NX-API
feature: switch(config)# feature nxapi Communication between the Puppet agents
and the Cisco Nexus devices is achieved using the NX-APIs. Configure the
virtual service and enter virtual service configuration mode: switch(config)#
virtual-service name Activate the configured virtual service: switch(config-
virt-serv)# activate Note To deactivate the virtual service, use the no
activate command in virtual service configuration mode.
Return to privileged EXEC mode: switch(config-virt-serv)# end
Open Agent Container 3
Connecting to the Open Agent Container
Open Agent Container
Example
The following example shows how to install and activate the OAC in your Cisco
NX-OS device. This is followed by the verification command that displays the
details of the installed and configured virtual service.
switch# virtual-service install name oac package bootflash:oac.ova switch#
configure terminal switch(config)# feature nxapi switch(config)# virtual-
service oac switch(config-virt-serv)# activate switch(config-virt-serv)# end
switch# show virtual-service detail
Virtual service oac detail
State
: Activated
Package information
Name
: oac.ova
Path
: bootflash:/oac.ova
Application
Name
: OpenAgentContainer
Installed version : 1.0
Description
: Cisco Systems Open Agent Container
Signing
Key type
: Cisco release key
Method
: SHA-1
Licensing
Name
: None
Version
: None
Resource reservation
Disk
: 400 MB
Memory
: 256 MB
CPU
: 1% system CPU
Attached devices
Type
Name
Alias
———————————————
Disk
_rootfs
Disk
/cisco/core
Serial/shell
Serial/aux
Serial/Syslog
serial2
Serial/Trace
serial3
Connecting to the Open Agent Container
To connect to the virtual service environment, use the virtual-service connect
name virtual-service-name console command in privileged EXEC mode. In this
case, the virtual environment we previously configured is the OAC.
switch# virtual-service connect name oac console
To access the OAC environment, use the following credentials: username: root,
password: oac.
Open Agent Container 4
Open Agent Container
Verifying the Networking Environment Inside the Open Agent Container
When you access the OAC environment for the first time, you will be prompted to reset your password immediately. Follow the instructions to reset your password. After you reset your password, you will have access to the OAC environment.
Note Press Ctrl-C thrice times to terminate the connection to the OAC and return to the switch console.
Verifying the Networking Environment Inside the Open Agent Container
To ensure that you can install open agents on your switch directly from the
Internet, verify the networking environment within the configured OAC.
Step 1
Step 2 Step 3 Step 4
Edit the /etc/resolv.conf to point to a DNS server. The default servers are
OpenDNS Public DNS (208.67.222.222 and 208.67.220.220).
Make sure that you set the correct time in the container. You can set up the
Network Time Protocol (NTP) on the host inside the VSH. The time from the host
will automatically be synchronized with the OAC. If your switches are behind a
firewall without direct connectivity to the internet use a proxy server.
(Optional) Inside the container, set up http_proxy and https_proxy to point to
your proxy server. export http_proxy=
Upgrading Open Agent Container
If there is a new OVA available, you can upgrade the existing installation by
using the virtual-service upgrade name virtual-service-name package package-
location-media command in privileged EXEC mode. To upgrade to a new OVA, you
must first deactivate the existing OVA by using the no activate command in
virtual service configuration mode.
Caution After you upgrade, you will lose all the changes and configurations
made in the earlier version of the OAC. You will have to start afresh in the
new OAC environment.
Example
The following example shows you how to upgrade to a new OAC:
switch# configure terminal switch(config)# feature nxapi switch(config)#
virtual-service oac switch(config-virt-serv)# no activate switch(config-virt-
serv)# end switch(config)# virtual-service install name oac package
bootflash:oac1.ova switch# configure terminal switch(config)# feature nxapi
switch(config)# virtual-service oac
Open Agent Container 5
Uninstalling Open Agent Container
Open Agent Container
switch(config-virt-serv)# activate switch(config-virt-serv)# end
Uninstalling Open Agent Container
To uninstall the OAC, perform the .
Before you begin To uninstall the OAC from the Cisco NX-OS device, deactivate
the OAC first.
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7
Enter global configuration mode and deactivate the virtual service: switch#
configure terminal
Enter virtual service configuration mode: switch(config)# virtual-service
virutal-service-name
Deactivate the configured virtual service: switch(config-virt-serv)# no
activate
Exit to global configuration mode: switch(config-virt-serv)# exit
Disable the configured virtual service: switch(config)# no virtual-service
virtual-service-name
Exit to privileged EXEC mode: switch(config)# exit
Uninstall the virtual service: switch# virtual-service uninstall name virtual-
service-name Note Use the show virtual-service list command to view the
progress of the uninstallation. After the uninstallation
is complete, you will see a message on the console about the successful
uninstallation of the virtual service.
Example:
The following example shows you how to deactivate and uninstall the OAC from
your Cisco NX-OS device:
switch# configure terminal switch(config)# virtual-service oac switch(config-
virt-serv)# no activate switch(config-virt-serv)# exit switch(config)# no
virtual service oac switch(config)# exit switch# virtual-service uninstall
name oac
Open Agent Container 6
Read User Manual Online (PDF format)
Read User Manual Online (PDF format) >>