Goal :
- Faster deployment in Nexus Switch
Requirement
- DHCP Server ( isc-dhcp-server )
- TFTP / SCP Server
- Cisco Nexus 9000v ( GNS3)
- Python Script
Below the topology in Development Environment
Both devices will automatically push configuration based on serial Number. The following mapping configuration in Nexus 9000v
IP | SN | Switch Name | Script Name | Script Name |
172.19.254.31 | 9GPNP3P68OD | LEAF1R1 | poap_nexus_sn.py | conf.9GPNP3P68OD |
172.19.254.32 | 91990H4TOLV | LEAF2R1 | poap_nexus2_sn.py | conf.91990H4TOLV |
Install isc-dhcp-server
root@dhcp-server-prov:~$ apt-get installisc-dhcp-server -y
Edit isc-dhcp-server configuration in file /etc/dhcp/dhcpd.conf. In the option dhcp-client-identifier you need to add « \000 » before the serial number.
default-lease-time 3600;
max-lease-time 7200;
authoritative;
subnet 172.19.254.0 netmask 255.255.255.0 {
range 172.19.254.11 172.19.254.200;
host n9k1 {
option dhcp-client-identifier “\0009GPNP3P68OD”;
fixed-address 172.19.254.31;
option routers 172.19.254.1;
option bootfile-name “poap_nexus_sn.py”;
option tftp-server-name “172.19.254.3”;
}
host n9k2 {
option dhcp-client-identifier “\00091990H4TOLV”;
fixed-address 172.19.254.32;
option routers 172.19.254.1;
option bootfile-name “poap_nexus2_sn.py”;
option tftp-server-name “172.19.254.3”;
}
Install tftpd-hpa
root@tftp:~# apt-get install tftpd-hpa -y
Edit tftpd-hpa configuration in file /etc/default/tftpd-hpa
TFTP_USERNAME=”tftp”TFTP_DIRECTORY=”/home/rohmat/tftp-server”TFTP_ADDRESS=”0.0.0.0:69″TFTP_OPTIONS=”–secure”
in directory /home/rohmat/tftp-server, download script on github https://github.com/rohmattriindra/poapn9kv.git
rohmat@tftp:~/tftp-server$ git clone https://github.com/rohmattriindra/poapn9kv.git
rohmat@tftp:~/tftp-server$ mkdir n9k
rohmat@tftp:~/tftp-server/popapn9kv$ mv * ../n9k
rohmat@tftp:~/tftp-server$ md5sum poap_nexus_sn.py71c542b1504265f2751f39ace85dcd3f poap_nexus_sn.py
rohmat@tftp:~/tftp-server$ md5sum poap_nexus2_sn.pyc180867155428f301a6f9a26622ad066 poap_nexus2_sn.py
After generate an md5 of the poap_nexus_sn.py & poap_nexus2_sn.py, the following line will replace the second line with md5, if the md5 is not validated the POAP process will fail and restat
rohmat@tftp:~/tftp-server/n9k$ f=poap_nexus_sn.py ; cat$f | sed’/^#md5sum/d’> $f.md5 ; sed-i “s/^#md5sum=.*/#md5sum=\”$(md5sum $f.md5 | sed ‘s/ .*//’)\”/”$f
rohmat@tftp:~/tftp-server/n9k$ f=poap_nexus2_sn.py ; cat$f | sed’/^#md5sum/d’> $f.md5 ; sed-i “s/^#md5sum=.*/#md5sum=\”$(md5sum $f.md5 | sed ‘s/ .*//’)\”/”$f
Put image nxos.7.0.3.I7.3.bin & configuration file conf.XXXX , also need to generate an md5 for the image
rohmat@tftp:~/tftp-server/n9k$ md5sum conf.91990H4TOLV > conf.91990H4TOLV.md5
rohmat@tftp:~/tftp-server/n9k$ md5sum conf.9GPNP3P68OD > conf.9GPNP3P68OD.md5
rohmat@tftp:~/tftp-server$ md5sum nxos.7.0.3.I7.3.bin > nxos.7.0.3.I7.3.bin.md5
Demo auto provisioning LEAF1R1
Demo auto provisioning LEAF2R1