Introduction
This document describes how to setup Extra Packages for Enterprise Linux (EPEL) as third party repository on the Cisco Open NX-OS.
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
- Cisco Open NX-OS
- Domain Name System (DNS)
Components Used
The information in this document is based on Cisco Nexus N9K-C9364C with NXOS version 10.3(4a).
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Configure
Cisco NX-OS is the network operating system (OS) that powers Cisco Nexus switches across thousands of production environments. It was the first data center network operating system to be built with Linux. Cisco NX-OS has always been powered by Linux, under the hood, and has recentl, exposed many of the Linux capabilities to end-users.
Users can leverage their standard Linux server management tools and workflows to install their custom-developed Linux-based applications, or other standard open source programs, and have them function "out of the box" on the Nexus switch. It is straightfoward to integrate common third-party configuration management agents like Puppet, Chef, and telemetry applications such as ganglia, splunk, collector, nagios on the switch.
Methods
There are two ways to connect Nexus switches to third party repositories.
- Directly: You can reach repository using any layer 3 interface.
- Via Proxy: You can reach repository through proxy using any layer 3 interface.
Configurations
These configurations are implemented on Nexus 9K switch using management VRF for all communications.
Method 1: Directly Connected
Step 1. Enable required features.
Nexus(config)# feature bash
Step 2. Configure DNS client.
Nexus(config)# ip domain-lookup
Nexus(config)# vrf context management
Nexus(config-vrf)# ip name-server <dns server ip>
Step 3. Configure third party repository file. Here you point to your desired repository.
Note:
This guide uses Extra Packages for Enterprise Linux (EPEL) as example
Vim is pre-installed to edit files.
Cat command is used to show the content file.
Nexus# run bash
bash-4.3$ sudo su -l
root@cisco#cat /etc/yum/repos.d/thirdparty.repo
[thirdparty]
name=Thirdparty RPM Database
baseurl=https://dl.fedoraproject.org/pub/epel/7/x86_64/
enabled=1
gpgcheck=1
metadata_expire=0
cost=500
sslverify=0
Step 4. Download proper GNU Privacy Guard (GPG) key on the expected directory.
Note: Management VRF is specified
root@cisco#cd /etc/pki/rpm-gpg
root@cisco#ip netns exec management wget https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
Step 5. Import the GPG key.
root@cisco#rpm --import RPM-GPG-KEY-EPEL-7
Method 2: Connected via Proxy
Step 1. Enable required features.
Nexus(config)# feature bash
Step 2. Configure DNS client.
Nexus(config)# ip domain-lookup
Nexus(config)# vrf context management
Nexus(config-vrf)# ip name-server <dns server ip>
Step 3. Configure options file for yum. Here you point to the proxy.
Note:
The proxy_username and proxy_password options are not required for anonymous proxy.
Timeout value is 60 by default, set the option if you want a different value.
Vim is pre-installed to edit files.
Cat command is used to show the content file.
Nexus# run bash
bash-4.3$ sudo su -l
root@cisco#cat /etc/yum/yum.conf
[main]
cachedir=/var/cache/yum
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
pluginpath=/lib/yum-plugins
plugins=1
proxy=http://<proxy ip>:<proxy port>/
proxy_username=cisco
proxy_password=cisco123
timeout=300
# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum/repos.d
Step 4. Configure third party repository file. Here you point to your desired repository.
Note:
This guide uses Extra Packages for Enterprise Linux (EPEL) as example.
Vim is pre-installed to edit files.
Cat command is used to show the content file.
root@cisco#cat /etc/yum/repos.d/thirdparty.repo
[thirdparty]
name=Thirdparty RPM Database
baseurl=https://dl.fedoraproject.org/pub/epel/7/x86_64/
enabled=1
gpgcheck=1
metadata_expire=0
cost=500
sslverify=0
Step 5. Setup proxy for https connections.
root@cisco#export https_proxy=http://<proxy ip>:<proxy port>
Step 6. Download proper GNU Privacy Guard (GPG) key on the expected directory.
Note: Management VRF is specified
root@cisco#cd /etc/pki/rpm-gpg
root@cisco#ip netns exec management wget https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
Step 7. Import the GPG key.
root@cisco#rpm --import RPM-GPG-KEY-EPEL-7
Verify
This guide installs SHC package to verify third party respository has been configured properly.
Note: Management VRF is specified on every command
Step 1.Confirm Nexus is able to fetch packages.
root@cisco#ip netns exec management yum repolist
Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
: protect-packages
groups-repo | 1.1 kB 00:00 ...
localdb | 951 B 00:00 ...
patching | 951 B 00:00 ...
thirdparty | 4.7 kB 00:00
wrl-repo | 951 B 00:00 ...
repo id repo name status
groups-repo Groups-RPM Database 46
localdb Local RPM Database 0
patching Patch-RPM Database 0
thirdparty Thirdparty RPM Database 13,798
wrl-repo Groups-RPM Database 12
repolist: 13,856
Step 2. Install SHC package
root@cisco#ip netns exec management yum install shc
Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
: protect-packages
groups-repo | 1.1 kB 00:00 ...
groups-repo/primary | 35 kB 00:00 ...
groups-repo 46/46
localdb | 951 B 00:00 ...
localdb/primary | 197 B 00:00 ...
patching | 951 B 00:00 ...
patching/primary | 197 B 00:00 ...
thirdparty | 4.7 kB 00:00
thirdparty/primary_db | 7.0 MB 00:25
wrl-repo | 951 B 00:00 ...
wrl-repo/primary | 4.2 kB 00:00 ...
wrl-repo 12/12
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package shc.x86_64 0:4.0.3-1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
shc x86_64 4.0.3-1.el7 thirdparty 38 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 38 k
Installed size: 90 k
Is this ok [y/N]: y
Downloading Packages:
shc-4.0.3-1.el7.x86_64.rpm | 38 kB 00:00
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows:
busybox-1.23.2-r0.0.x86_64 has missing requires of busybox-syslog
Installing : shc-4.0.3-1.el7.x86_64 1/1
Installed:
shc.x86_64 0:4.0.3-1.el7
Complete!
Install operation 21 completed successfully at Tue Apr 9 23:36:10 2024.
[####################] 100%
Step 3. Confirm SHC is installed.
root@cisco#shc
shc parse(-f): No source file specified
shc Usage: shc [-e date] [-m addr] [-i iopt] [-x cmnd] [-l lopt] [-o outfile] [-rvDSUHCABh] -f script
Related Links
Open NX-OS
Programmability and Automation with Cisco Open NX-OS
Repository for Cisco Nexus Switch Programmability Scripts