Apstra ZTP - Cisco
Cisco NX-OS and ZTP Disk Space
Ensure that sufficient disk space is available on the switch. As part of the ZTP process a new OS image is copied to the switch. Before installing Apstra ZTP ensure that the switch has sufficient disk space for the OS image.
switch1# dir bootflash: | include free|total 1296171008 bytes free 3537219584 bytes total
If ZTP is installing Cisco NX-OS image, you must copy the image (nxos.7.0.3.I7.7.bin
for example) to the /containers_data/tftp directory ensuring
correct file permissions.
Example: Cisco NX-OS - ztp.json
{
"nxos": {
"nxos-versions": [ "9.2(2)" ],
"nxos-image": "http://192.168.0.6/nxos.9.2.2.bin",
"device-root-password": "admin-password",
"custom-config": "nxos_custom.sh",
"device-user": "admin",
"device-user-password": "admin-password",
"system-agent-params": {
"agent_type": "onbox",
"job_on_create": "install"
}
}
}This configuration enables secure offbox agent HTTPS (port 443) between the offbox agent on the server and the device API.
Cisco NX-OS Custom Config File
When configuring custom-config for Cisco NX-OS devices, refer to the
example nxos_custom.sh, a bash executable file executed during the
ZTP process. It can execute NX-OS configuration commands that set system
configuration, such as the SSH login banner, before installing the device system
agent.
You must add copp profile strict via the NX-OS custom-config
file.
#!/bin/sh /isan/bin/vsh -c "conf ; copp profile strict ; banner motd ~ ######################################################## BANNER BANNER BANNER BANNER BANNER BANNER BANNER BANNER ######################################################## Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec gravida, arcu vitae tincidunt sagittis, ligula massa dignissim blah, eu sollicitudin nisl dui at massa. Aliquam erat volutpat. Vitae pellentesque elit at pulvinar volutpat. Etiam lacinia derp lacus, non pellentesque nunc venenatis rhoncus. ######################################################## ~"
Cisco NX-OS Offbox Agent Custom Config File
If using Apstra ZTP to prepare a Cisco NX-OS device for use with offbox agents, you must have the custom-config file enable the following NX-OS configuration commands.
feature nxapi feature bash-shell feature scp-server feature evmed copp profile strict nxapi http port 80
You can use the following nxos_custom.sh to add these along with a
banner.
#!/bin/sh /isan/bin/vsh -c "conf ; feature nxapi ; nxapi http port 443 ; feature bash-shell ; feature scp-server ; feature evmed ; copp profile strict ; banner motd ~ ######################################################## BANNER BANNER BANNER BANNER BANNER BANNER BANNER BANNER ######################################################## Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec gravida, arcu vitae tincidunt sagittis, ligula massa dignissim blah, eu sollicitudin nisl dui at massa. Aliquam erat volutpat. Vitae pellentesque elit at pulvinar volutpat. Etiam lacinia derp lacus, non pellentesque nunc venenatis rhoncus. ######################################################## ~"
Restart Cisco NX-OS ZTP
If an agent is already installed on the device, before you restart the device ZTP process remove the agent either via the UI device agent installer or manually via the device CLI.
C9K-172-20-65-5# guestshell destroy Remove remaining AOS data from system Removing the guest-shell deletes most of the data left by AOS. Some files are still on the bootflash:/.aos folder. C9K-172-20-65-5# delete bootflash:.aos no-prompt
See Cisco Device Agents for more information.
To restart Cisco NX-OS ZTP process:
switch# write erase switch# reload