Prerequisites
- Running GNS3 Server with at least 8GB of RAM
- A Hypervisor of some sort
- Complete Understanding of NAT & Cloud GNS3 Nodes
- IOSv L2 Cisco Image (15.2 is used in this Example)
- Intermediate Linux skills (adjusting Network Config and Installing Apps)
The Setup
We intend to automate SW1, SW2, and SW3 in the future.
Next up, we got an Intermediate switch, which should have better performance for bringing the Internet into the LAB via the NAT Node.
Finally, we have a cloud node, which is simply a second network interface card of the GNS3 server that is connected to a vSwitch in a hypervisor. The vSwitch is then connected to a Debian virtual machine.
Please feel free to modify the setup to suit your requirements. Running the Ubuntu or Debian Node outside of GNS3 is advised, nevertheless.
During the YANG Suite installation, the guests encountered CPU stalls and other issues, which resulted in the installation being terminated.
The YANG Suite and the infrastructure are accessed via the Windows host.
Theoretically, a single computer running VMware Workstation Player could complete this entire lab.
Preparing Debian
The Debian Node must first be granted Internet access. Verify that the Cloud Node in the background is connected to the Debian NIC.
To acquire an IP address from the NAT-Node, set up DHCP in Debian.
When completed, it ought to resemble this.
root@network-automation-node:~# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0@if115: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether bc:24:11:17:5a:36 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.122.17/24 brd 192.168.122.255 scope global dynamic eth0
valid_lft 3583sec preferred_lft 3583sec
inet6 fe80::be24:11ff:fe17:5a36/64 scope link
valid_lft forever preferred_lft forever
root@network-automation-node:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
root@network-automation-node:~#
Typically, the NAT-Node will provide you with a Class C Private IP address range with a 24-bit mask.
Installing Docker and YANG Suite
The Official Guide on Installing docker can be found here Debian | Docker Docs
The Official Guide on Installing YANG Suite using Docker can be found here GitHub – CiscoDevNet/yangsuite
For November 2024 these are the commands for installing Docker
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \ $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullsudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
For November 2024 these are the commands for installing YANG Suite
git clone https://github.com/CiscoDevNet/yangsuite
cd yangsuite/docker/ ; bash ./start_yang_suite.sh
While the First-Time Start script is running. Fill out username, password, IP, email and also setup the Certificate as can be seen below
For the IP, you have to specify the IP which the Debian Node got from the NAT-Node or the one you specified.
The Container is then going to be built. Be patient, as this step will take a while.
root@network-automation-node:~/yangsuite/docker# cd yangsuite/docker/ ; bash ./start_yang_suite.sh
-bash: cd: yangsuite/docker/: No such file or directory
Hello, please setup YANG Suite admin user.
username: admin
password:
confirm password:
Will you access the system from a remote host? (y/n): y
Enter local host FQDN or IP: 192.168.122.17
email: lab@lab.local
Setup test certificates? (y/n): y
################################################################
## Generating self-signed certificates... ##
## ##
## WARNING: Obtain certificates from a trusted authority! ##
## ##
## NOTE: Some browsers may still reject these certificates!! ##
################################################################
....+....+........+.+..+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+..........+........+..........+......+.........+..+.+...+..+.......+..+................+..+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+..............+.........+.+.....+......+......+...+.......+...+............+............+........+...+.........+.+..+....+......+...+.....+......+...+.+..+.......+...+.....+....+.....+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.......+.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.........+.....+.+.....+...+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+..+...+.+...+......+...........+....+.........+...+..............+....+...........+.+..+.+......+.....+..........+......+........+.+........+.............+.........+.....+.+........+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:DE
State or Province Name (full name) [Some-State]:NRW
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:yangsuite.lab.localThis is the output when the operation is finished:
yangsuite-1 | spawned uWSGI master process (pid: 39)
yangsuite-1 | spawned uWSGI worker 1 (pid: 41, cores: 1)
yangsuite-1 | spawned uWSGI worker 2 (pid: 42, cores: 1)
yangsuite-1 | spawned uWSGI worker 3 (pid: 43, cores: 1)
yangsuite-1 | spawned uWSGI worker 4 (pid: 44, cores: 1)
yangsuite-1 | spawned uWSGI worker 5 (pid: 45, cores: 1)
Now you can continue by Accessing YANG Suite
YANG Suite first Access
Verify now that your Windows Node is also connected to the Cloud Node and has valid IP assigned or obtained by the DHCP
Now you can Access the YANG Suite via the Browser with it´s IP and Port 8443. In my case that´s …
https://192.168.122.17:8443/
Accept the User Agreement
Now you can Log-In with the Credentials specified during the Installation on the CLI
Moving Forward
First off, congratulations. You just logged in to your YANG Suite.
As YANG Suite is running directly on the Console right now you can Terminate it using CTRL+C and then start it as a normal docker as intended with…
root@network-automation-node:~/yangsuite/docker# docker compose up -d
WARN[0000] /root/yangsuite/docker/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion
[+] Running 3/3
✔ Container docker-yangsuite-1 Started 0.3s
✔ Container docker-backup-1 Started 0.6s
✔ Container docker-nginx-1 Started 0.6s
Now it´s running in Background. If you want to stop it you Navigate to the Folder and make a…
docker compose down
Part 2
In the next part we will Setup YANG Suite to fit the needs for our LAB. We will also configure the Switches to be able to Communicate over NETCONF with RPC´s and we will make our first Call.
I can be reached on the social media platforms mentioned in the footer if you have any questions or if this article was useful to you.