This blog post is going to cover installing and booting the Cisco 1000v Cloud Services Router with KVM on Ubuntu Trusty 14.04.
It's important to note that I haven't touched a Cisco device in over a decade. At least until the blog post that is. I've been an open source based systems administrator for all of my career, and now I would like to learn a bit more about networking, which is considerably more closed source than I am used to. Thankfully, however, Cisco offers a free download of their cloud router.
First, if you don't have an account with Cisco, then create one and login.
To find the download page, this link might work. If if doesn't work:
In this post I'm going to work from the ISO.
Using the ISO process, we boot the ISO using KVM, which will automatically install the router software onto the disk image specified. Once that's done you can boot the qcow2 image like any regular virtual machine.
I've downloaded the ISO file.
# ls *.iso csr1000v-universalk9.03.12.00.S.154-2.S-std.iso
Next, create a backing image to install the software onto. It has to be at least 8 gigs.
# qemu-img create -f qcow2 csr.img 8G Formatting 'csr.img', fmt=qcow2 size=8589934592 encryption=off cluster_size=65536 lazy_refcounts=off
Now we can boot the ISO with KVM and set the backing image on which the ISO will install the 1000v router. Note that you need to hit a key pretty quickly to get to the GRUB boot menu.
# kvm -boot d csr.img -enable-kvm -m 4096M -cpu Nehalem -smp 4,sockets=4,cores=1,threads=1 -cdrom csr1000v-universalk9.03.12.00.S.154-2.S-std.iso -nographic
After hitting the "any" key, you should see the below. Select "Serial Console" and hit enter.
GNU GRUB version 0.97 (639K lower / 3144696K upper memory) +-------------------------------------------------------------------------+ | CSR 1000V Virtual Console -- Wed-26-Mar-14-15:35 | | CSR 1000V Serial Console -- Wed-26-Mar-14-15:35 | | | | | | | | | | | | | | | | | | | | | +-------------------------------------------------------------------------+ Use the ^ and v keys to select which entry is highlighted. Press enter to boot the selected OS, or 'c' for a command-line.
At this point the ISO should install the 1000v CSR router into the csr.img qcow2 file, and some text should fly by, such as the below. It should only take a minute or two to install the CSR onto the hd image.
Booting 'CSR 1000V Serial Console -- Wed-26-Mar-14-15:35' root (cd) Filesystem type is iso9660, using whole disk kernel /boot/csr1000v-universalk9.03.12.00.S.154-2.S-std.SPA.bin rw root=/dev/r am quiet console= max_loop=64 HARDWARE=virtual SR_BOOT=cdrom:csr1000v-universal k9.03.12.00.S.154-2.S-std.iso package header rev 1 structure detected Calculating SHA-1 hash...done SHA-1 hash: calculated f51efee9:bfc569d7:9a732dee:4af42ccc:7003719d expected f51efee9:bfc569d7:9a732dee:4af42ccc:7003719d Package type:0x7530, flags:0x0 [Linux-bzImage, setup=0x2e00, size=0x11706720] [isord @ 0x6fe6c000, 0x10183000 bytes] SNIP! %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Installing GRUB %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Copying super package csr1000v-universalk9.03.12.00.S.154-2.S-std.SPA.bin %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Expanding super package on /bootflash %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Creating /boot/grub/menu.lst %IOSXEBOOT-4-BOOT_CDROM: (rp/0): CD-ROM Installation finished %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Ejecting CD-ROM tray %IOSXEBOOT-4-BOOT_CDROM: (rp/0): Rebooting from HD SNIP! Press any key to continue. Press any key to continue. Press any key to continue.
Again you have to be quick on hitting a key when the "Press any key to continue" message comes up. (Must be a better way to do this.) The vm is now booting off of the hd image instead of the ISO image.
Select virtual console once more and the router should boot up and ask if we want to configure from a dialog.
SNIP! cisco CSR1000V (VXE) processor with 2170596K/6147K bytes of memory. Processor board ID 9W17YZL34P2 1 Gigabit Ethernet interface 32768K bytes of non-volatile configuration memory. 4194304K bytes of physical memory. 7774207K bytes of virtual hard disk at bootflash:. --- System Configuration Dialog --- Would you like to enter the initial configuration dialog? [yes/no]:
I enter no, though you may want to enter yes. The router continues booting, eventually stops and we can just hit enter to get the "Router>" prompt.
SNIP! *Jul 15 01:40:39.304: %VMAN-5-PACKAGE_SIGNING_LEVEL_ON_INSTALL: F0: vman: Package 'csrmgmt.1_3_1.20140213_121708.ova Building configuration... ' for service container 'csr_mgmt' is 'Cisco signed', signing level cached on original install is 'Cisco signed' *Jul 15 01:40:39.745: Not MO, application name is csr_mgmt *Jul 15 01:40:39.745: %VIRT_SERVICE-5-INSTALL_STATE: Successfully installed virtual service csr_mgmt *Jul 15 01:40:39.748: IOS-FIREWALL-POLICY-SHIM-REGISTER[OK] *Jul 15 01:40:42.273: %CONFIG_CSRLXC-5-CONFIG_DONE: Configuration was applied and saved to NVRAM. See bootflash:/csrlxc-cfg.log for more details. # hit enter! Router> #here we are at the router prompt!
Now we have a full fledged Cisco router!
At this point I usually kill the KVM process from another terminal, and the installation is complete. (Killing from another terminal is a little awkward, so let me know if you find a better way, which probably involves not using "-serial stdio", but I like that it just streams in the terminal. Lots of ways to do this.)
Now that the ISO has finished installing the software, we have an image file to work with.
# du -hs csr.img 1.6G csr.img # file csr.img csr.img: QEMU QCOW Image (unknown version)
Copy that image to /var/lib/libvirt/images.
# cp csr.img /var/lib/libvirt/images/
In /var/lib/libvirt/images, create a qcow2 snapshot.
# qemu-img create -f qcow2 -b csr.img csr-01.img Formatting 'csr-01.img', fmt=qcow2 size=8589934592 backing_file='csr.img' encryption=off cluster_size=65536 lazy_refcounts=off
Now we can use that image with libvirt.
Create an XML file like the below, ensuring to replace the image file location if necessary. I believe the CSR requires 4GB of memory and 4 VCPUS.
Note that if you want the CSR to have more than one interface, you'll have to add it to the XML file, and perhaps add networks to libvirt.
# cat csr-01.xml
csr-01/name> 4194304 4194304 4 hvm Nehalem destroy restart restart /usr/bin/kvm
Define the vm and start it.
# virsh define csr-01.xml Domain csr-01 defined from csr-01.xml # virsh start csr-01 Domain csr-01 started
You can use "virsh console csr-01" to access the console. To exit (at least when using OSX's terminal) hit "CTRL-5."
# virsh console csr-01 Booting 'CSR1000v - packages.conf' root (hd0,0) Filesystem type is ext2fs, partition type 0x83 kernel /packages.conf rw quiet root=/dev/ram console= max_loop=64 HARDWARE=virt ual SR_BOOT=bootflash:packages.conf Calculating SHA-1 hash...done SHA-1 hash: calculated 514e2831:94ee1441:2404193c:f37dac1e:4c196e19 expected 514e2831:94ee1441:2404193c:f37dac1e:4c196e19 package header rev 1 structure detected Calculating SHA-1 hash...done SHA-1 hash: calculated 134e1e2e:319d85c6:34a4d2b3:965dcb75:dc20afef expected 134e1e2e:319d85c6:34a4d2b3:965dcb75:dc20afef Package type:0x7531, flags:0x0 [Linux-bzImage, setup=0x2e00, size=0xd1c0720] [isord @ 0x743b2000, 0xbc3d000 bytes] SNIP!
Check the interfaces and show version.
SNIP! *Jul 15 02:46:04.712: %CONFIG_CSRLXC-5-CONFIG_DONE: Configuration was applied and saved to NVRAM. See bootflash:/csrlxc-cfg.log for more details. Router>enable Router#show int desc Interface Status Protocol Description Gi1 admin down down Gi2 admin down down Gi3 admin down down Router#show version Cisco IOS XE Software, Version 03.12.00.S - Standard Support Release Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.4(2)S, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2014 by Cisco Systems, Inc. Compiled Wed 26-Mar-14 21:09 by mcpre SNIP!
Again, you can hit "CTRL-5" to exit "virsh console."
Now that we have a base image and a working libvirt XML file, we can create all kinds of interesting network configurations and learn how to use a Cisco router without actually having any Cisco hardware. Nothing is stopping you from booting several CSR virtual machines and configuring them to work together.