I introduced how to use PowerShell/PowerTool to automate Cisco UCS servers via UCS Manager in July 2016. Time to play with something new in the new month, using Python to manage network devices.
Both Cisco and Juniper has Python library, Cisco confparse and Juniper PyEZ. We don’t have to install python on Linux. I used to install PyEZ on Windows with PyCharm as IDE and install SSH plugin. The beauty of Linux is…it is free and light in resource usage. In addition, Cisco appliances and OS such as Prime and IOS-XE are running on Linux platform so does JUNOS; though those are considered as ‘closed system’ by vendors, which means no patching on the underline Linux is required. Anyway…what I am trying to say is Linux is useful.
I installed Ubuntu 14.04 server version on ESXi 5.5; sure the OS can also be installed natively on a physical server.
Prepare IP, Mask, Gateway, DNS and NTP information in advance and also Internet accessibility. DNS is important for Linux to contact software repository (similar to App Store on iPhone) on the Internet to download and install softwares.
Install on ESXi as VM with following settings:
The installation process is very self explanatory and with GUI interface.
I selected ‘Configure network manually’ to configure static IP and gateway address.
During the installation, the wizard will help us set up the first user and the user’s home directory. I create a user John Smith with account ‘jsmith‘.
Please note, in Ubuntu ‘root’ account password is locked. Therefore, initially we cannot login ubuntu as root directly, or use ‘su root’ to change to root user. After login to ubuntu with user account not root, it is possible to set up and unlock root password. However, it is not recommended due to security best practice. ‘root’ is the linux default account with superuser access. Therefore, we don’t want to use ‘root’ account for daily activity.
We will be able to add more users later using command line upon logging into ubuntu.
Similar to Windows, each user will have his/her own home directory.User jsmith’s home directory will be /home/jsmith/.
The wizard will also guide us through disk partition. ‘Guide – use entire disk and set up LVM’ means to use the entire disk as whole but create logical volume on the disk.
Following screenshot shows creating logical volume. The size of logical volume can be expanded later.
GRUB boot loader is then installed. Linux distributions generally use GRUB as it’s boot loader. Cisco appliances using Linux platform these days also displace GRUB menu when boot up.
In Ubuntu, GRUB menu is hidden by default. No issue to keep it hidden if you only use single boot system. We can make the menu temporarily unhidden by press and hold ‘Shift’ at the beginning of server startup.
For permanent change you’ll need to edit your
/etc/default/grub file — place a “#” symbol at the start of line
GRUB_HIDDEN_TIMEOUT=0. Save changes and run
sudo update-grub to apply changes.
The last step of the installation is to install server role/feature. In Windows we can select Active Directory role, Certificate Authority, IIS and etc.; we can do similar in Ubuntu to have some sofware pre-installed. ‘OpenSSH server’ is selected in our case, because we need to SSH to the server later.
Console and SSH Access to Ubuntu
We can initially access via VMWare console. Login as ‘jsmith’ the user account we created during the setup wizard.
Use ‘ifconfig’ to verify IP address and test Ping reachability. Although Ping reachability is achieve, but we still cannot SSH to the server. Error message is shown below:
Then I double check whether OpenSSH server is installed using command
dpkg --get-selections | grep openssh. Use
dpkg --help to access ‘dpkg’ command help information. ‘|’ is the same pipe as in Cisco and Juniper commands. ‘grep’ is for searching plain-text data sets for lines matching a regular expression, such as text including ‘openssh’ in our case.
The result is as below and doesn’t show the server has ‘openssh-server’ installed. It turns out because I didn’t connect to Internet while installing the server.
After access Internet, use command
sudo apt-get install openssh-server to download and install ‘openssh’ from Linux online software repository. ‘sudo’ means ‘superuser do’, it is similar to ‘run as administrator’ on Windows. ‘apt-get install’ will get the software packet from the Linux software repository and install.
I try to SSH to the ubuntu server again, and it works this time!
If it still doesn’t work for you, check the firewall port listening status on the server by the command
netstat -tuplen. My result is as below, port 22 is open.
If port 22 is not open, use the command
sudo ufw allow 22 to allow traffic through.
To be Continued…
The new server should be up running and SSH accessible by now. I will introduce user management tricks in Linux/ubuntu in the next post.