Cloud Shell Remote Configuration is a web application to remotely configure Cisco devices.
- Built on top of ttyd for terminal sharing
- Access to remote Cisco devices with button clicks
ssh maglev@172.23.165.132 -p 2222
Password: Maglev123
Expose 1 port for the web server and several for terminal sharing (ttyd)
# Get the name of the api server, e.g., api-server-7659bcdb9b-k5vtt
kubectl get pods -n rdm
# Expose 6 (any number more than 2 according to your need) ports not used before
#(There is a bug in DNAC, If the deployments is edited and the Docker container is restarted,
# the ports exposed for the original Docker container cannot be used again)
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20000
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20001
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20002
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20003
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20004
magctl service expose api-server-7659bcdb9b-k5vtt --appstack rdm 20005
# Save the mapping between the original and transferred port numbers to be used in the future
# 20000 -> 8029 (For web server)
# 20001 -> 12887 (For terminal sharing)
# 20002 -> 19029 (For terminal sharing)
# 20003 -> 15811 (For terminal sharing)
# 20004 -> 20221 (For terminal sharing)
# 20005 -> 21628 (For terminal sharing)
docker ps|grep api
# Get the hash for "maglev-registry.maglev-system.svc.cluster.local:5000/rdm/ap-server",
# which is usually the first one, e.g., 6f203e976d38
# Get into the container with the hash
docker exec -it 6f203e976d38 bash
apt-get -y update && apt-get -y upgrade
apt-get -y install iputils-ping openssh-server python3 python3-pip python3-dev cmake g++ pkg-config git vim-common libjson-c-dev libssl-dev sshpass telnet redis-server
mkdir CloudShell
cd CloudShell
export HTTP_PROXY="http://proxy.esl.cisco.com:80"
export HTTPS_PROXY="https://proxy.esl.cisco.com:80"
git clone https://github.com/warmcat/libwebsockets.git
cd libwebsockets/
git checkout 89eedcaa94e1c8a97ea3af10642fd224bcea068f
mkdir build
cd build
cmake ..
make
make install
ldconfig
cd ../..
git clone https://github.com/tsl0922/ttyd.git
cd ttyd && mkdir build && cd build
cmake ..
make && make install
cd ../..
pip3 install virtualenv
virtualenv env
. env/bin/activate
pip3 install Django
pip3 install -U channels
pip3 install paramiko
pip3 install requests
git clone https://github.com/ytl6547/CloudShellRemoteConfiguration.git
/etc/init.d/redis-server start
pip3 install channels_redis[cryptography]
unset HTTPS_PROXY
unset HTTP_PROXY
cd CloudShellRemoteConfiguration/
Default constants:
LOGIN_API_URL = "https://172.23.165.132/api/system/v1/auth/login"
CHECK_DEVICE_LIST_API_URL = "https://172.23.165.132/api/rdm/v1/device"
CORRECT_USERNAME_FOR_DNAC_LOGIN = 'admin'
CORRECT_PASSWORD_FOR_DNAC_LOGIN = 'Maglev123'
DEVICE_USERNAME = "Cisco"
DEVICE_PASSWORD = "Cisco"
ACCESS_TIMEOUT_SECONDS = 1200
If you want to change any of them:
apt-get install nano
nano WebTerm/views.py
# Use the original port number for web server here, which is 20000 in this case
python3 manage.py runserver 0.0.0.0:20000 &
- Open in browser with
http://<DNAC IP>:<transferred port number for web server>/admin/WebTerm/port/, e.g., http://172.23.165.132:8029/admin/WebTerm/port/ - username: admin, password: Maglev123
- Delete all unrelated mappings
- Click add port on the right
- Add your original -> transferred terminal sharing mappings one by one, keep "available" being checked, and don't forget to save
Go to http://<DNAC IP>:<transferred port number for web server>, e.g., http://172.23.165.132:8029/
And feel free to use your shared terminal :)
- SSH to maglev cluster
- Get into the Docker container
- Start the server
cd CloudShell/ . env/bin/activate cd CloudShellRemoteConfiguration/ - Start the web server
- Go to the website
- SSH to maglev cluster
- Get into the Docker container
- Remove folder and run again
cd CloudShell/ . env/bin/activate rm -r CloudShellRemoteConfiguration/ export HTTPS_PROXY="https://proxy.esl.cisco.com:80" git clone https://github.com/ytl6547/CloudShellRemoteConfiguration.git unset HTTPS_PROXY cd CloudShellRemoteConfiguration/ - Change constants
- Start the web server
- Tell the database your terminal sharing port mappings
- Go to the website
- Login
- User input username and password of the DNAC
- Click Submit
- If succeeded, “Connect!” becomes clickable, if not, alert “Wrong username or password!”
- Show devices and status in the DNAC
- When a user opens the website, the backend creates a thread. In every 5 minutes, the thread pushes the new DNAC devices data to the frontend. The frontend shows the device name and device status to the user.
- Search a device
- In the real time, the user can search a device by a string inside of the device name. All the devices with the string in their names will be shown in the list
- Select and connect to a device
- A user can select a device by clicking it in the device list
- By clicking “Connect!”, the device id will be sent to the backend with AJAX (if you already connected to a device, you need to disconnect first)
- In the following cases, Connection will fail with an alert:
- Not logged in
- Fetching data from the DNAC failed
- The device is not in the list of DNAC
- The device status is not CONNECTED
- The device is using by someone else
- Will show countdown for time needed for waiting
- No available port to host the terminal sharing tool
- If connection succeeded, will show the device console in the iframe (Sometimes iframe shows “host refused to connect”. In this situation, “Reload frame” is good)
- Do any operation you want in the shared console within the time limitation
- Countdown
- After connected to a device, the countdown will be shown on the top
- Disconnect
- By clicking “Disconnect!” or the time limitation reached, the user will lose connection with the device, and anybody can connect to the device
Modern browsers, See Browser Support.
- ttyd: ttyd provides the terminal sharing functionality