Cisco IOS-XEのGuestShell初めて知った Pythonで設定操作できるのマジ？ qiita.com/kikuta2055/items/1…

🚨 New guidance from intl cybersecurity agencies on hardening communications infrastructure against cyber espionage! 🌎 💪 Enhance visibility: monitor network activity, limit management traffic exposure, validate user accounts, and implement secure logging. 🕵️‍♀️ 🔒 Harden systems & devices: use out-of-band management, implement strong segmentation & ACLs, harden VPNs, and disable unnecessary services. 🧱 🔑 Cisco users: disable Smart Install & guestshell, use encrypted web mgmt, disable telnet, and store passwords securely. 🛡️ Do we really think telco providers are going to harden their systems based on these suggestions? I don't think so if you look at the actual suggestions above. Its things that have been known in the industry as standards since 2000. Like, I learned these standards over 2-decades ago. Yet they are still suggestions in this report. Something doesn't feel right about all of this...

When it comes to network automation and on-box programmability, both Open NX-OS Bash shell and Guestshell IOx offer unique advantages that cater to different aspects of on-box automation tasks. Here’s how each can be used effectively. networkautomator.com/2024/09…

Hack. EEM writes to a file. EEM triggers guestshell. Python script in guest shell reads file.

So guestshell run python script.py <prints stuff to the cli> EEM script runs the script silently you do see the output Aside from piping the script to a file and guestshell cat file are there EEM knobs I can turn to print my py script response directly to CLI

久しぶりにAppHostingの設定をしてて，Frontpanel portとAppGig1/0/1のブリッジでうっかりVlan1のままやろうとして時間ロスした。ちゃんとマニュアルに書いておいて欲しいよね。。。 Guestshell connectivity doesn't work in VLAN1 CSCwb55731 cisco.com/c/en/us/td/docs/io…

A Short blog: What is on-box programmability, uses cases and routing a Guestshell on IOSXE Uses cases of on-box Automation: Application hosting IOx Python scripts for net diagnostics Air gapped network Unlock Linux capabilities of IOS-XE IOx= IOS Linux networkautomator.com/2023/10…

Kicking off another day of lightning talks in the Cisco U. Theater: "What Changed? Using EEM, Guestshell, Python, and Git for Cisco IOS XE Change Control" with @PalmerCCIE #CiscoLiveEMEA

#Linux #AdvancedNetworkProgramming #container #devnet #devops #netdevops #IntentBasedNetworking #ParsingAPIDataFormats #GuestShell #NXAPI #RestConf #RestAPI #ModelDrivenAutomation #knowledgeclub #egitimdelider #GelecegeUzananKopru

tamamladık. #DOCKER #Turkcell #python #Linux #AdvancedNetworkProgramming #container #devnet #devops #netdevops #IntentBasedNetworking #ParsingAPIDataFormats #GuestShell #NXAPI #RestConf #RestAPI #ModelDrivenAutomation #knowledgeclub #egitimdelider #GelecegeUzananKopru

#Turkcell #python #Linux #AdvancedNetworkProgramming #container #devnet #devops #netdevops #IntentBasedNetworking #ParsingAPIDataFormats #GuestShell #NXAPI #RestConf #RestAPI #ModelDrivenAutomation #knowledgeclub #egitimdelider #GelecegeUzananKopru

Sadly I am limited to Python 2.7 on NXOS guestshell but believe me I tried to shoehorn Rich in here

Here is a little snippit of Python that we can use to print JSON files stored in our Git repository If you are following along it means we can push the JSON from our network device guestshell to Git repo then call it from the cloud into Python - to follow up with pyATS tests!

For everyone who was part of the stream last night - no EEM guestshell access on the cat9kv yet ! Which sounds like bad news but I take it as good news ! Our idea and theory should work on a physical Nexus !

If you have one I would love to know if you can trigger a an EEM action to cli guestshell run python based on the syslog event from a copy run start I have a feeling it would work on a physical 9k

Wow thanks for the great turn out on the stream - we had some fun and it was super engaged tonight I don’t think n9kv supports guestshell run from EEM but I will try to talk to some people at Cisco - we know the event trigger works but the action of running the Python failed

Tonight I will be turning on the stream to show you my latest idea - nxpydocs - and the guestshell capabilities of NXOS ! I hope to start a bit earlier tonight say 6pm EST

Using guestshell I’m able to transform show commands to documentation right on the box Next steps are to get the docs off the box into a Git repo and then trigger it all using EEM events !

This is *right on the Nexus 9k* *guest shell *pip install my app *run the app *provide show command *provide filetype Again - no pyATS; no REST API; *right on the Nexus from guestshell*

An idea - self-documenting Nexus with guestshell - clid() returns JSON from show commands - so we can replace the pyATS parser logic with clid() logic - then trigger it with EEM on write mem, reload, specific time intervals - and send the business ready files to off-box Git repo