Enabling Administrative Services
There are many features of the Pluribus Networks fabric that require or can be enhanced using remote access. For example, when packets are written to a log file, you may want to transfer that file from a switch to a different system for analysis. Also, if you are creating a NetVM environment, an IOS image of the guest OS must be loaded on the switch.
You can enhance or modify several services such as SSH, NFS, Web, SNMP, SFTP.
To check the status of various services, use the following command:
CLI (network-admin@Leaf-1) > admin-service-show
switch: Leaf-1
if: mgmt
ssh: on
nfs: on
web: on
web-ssl: off
web-ssl-port: 443
web-port: 80
web-log: off
snmp: on
net-api: on
icmp: on
switch: Leaf-1
if: data
ssh: on
nfs: on
web: on
web-ssl: off
web-ssl-port: 443
web-port: 80
web-log: off
snmp: on
net-api: on
icmp: on
To modify administrative services, use the command:
CLI (network-admin@Leaf-1) > admin-service-modify
|
admin-service-modify |
Modifies services on the switch. |
|
if if-string |
Specify the administrative service interface. |
|
ssh|no-ssh |
Specify if you want to enable or disable SSH. |
|
web|no-web |
Specify if you want to enable web management. Use this option to enable REST API access over HTTP. |
|
web-ssl|no-web-ssl |
Specify if you want to use SSL and certificates for web services. Use this option to enable REST API access over HTTPS. |
|
web-ssl-port web-ssl-port-number |
Specify the web SSL port. |
|
web-port web-port-number |
Specify the port for web management. |
|
web-log|no-web-log |
Specify if you want to turn web logging on or off. Note: This option is for use in debugging with Pluribus support’s guidance. |
|
vrrp|no-vrrp |
Specify if you want to enable or disable VRRP. |
|
snmp|no-snmp |
Specify if you want to enable or disable SNMP. |
|
net-api|no-net-api |
Specify if you want to enable or disable Netvisor API. |
|
icmp|no-icmp |
Specify if you want to enable or disable Internet Message Control Protocol (ICMP). |
Netvisor ONE supports the file transfer method, SFTP and SFTP is enabled by default on Netvisor ONE. Because SFTP relies on Secure Shell (SSH), you must enable SSH before enabling SFTP.
To enable SSH, use the following command
CLI (network-admin@Leaf1) > admin-service-modify nic mgmt ssh
To enable SFTP, use the following command:
CLI (network-admin@Leaf1) > admin-sftp-modify enable
sftp password: <password>
confirm sftp password: <password>
The default SFTP username is sftp and the password can be changed using the admin-sftp-modify command:
CLI (network-admin@Leaf1) > admin-sftp-modify
sftp password: <password>
confirm sftp password: <password>
To display the details, use the following commands:
CLI (network-admin@Leaf-1) > admin-service-show
switch if ssh nfs web web-ssl web-ssl-port web-port snmp net-api icmp
------ ---- --- --- --- ------- ------------ -------- ---- ------- ----
Leaf-1 mgmt on off off off 443 80 on off on
Leaf-1 data on off off off 443 80 on off on
admin-service-show: Fabric required. Please use fabric-create/join/show
CLI (network-admin@Leaf1) > admin-sftp-show
switch: Leaf1
sftp-user: sftp
enable: yes
Use SFTP from a host to the switch, and login with the username sftp and the password configured for SFTP. Then you can download the available files or upload files to the switch.
CLI (network-admin@Leaf1) > admin-service-show
switch nic ssh nfs web web-port snmp net-api icmp
------ ---- --- --- --- -------- ---- ------- ----
Leaf1 mgmt on off on 80 off on on