The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Golden ISO (GISO) is a customized ISO that a user can build to suit the installation requirement. The user can customize the installable image to include the standard base image with the basic functional components, and add additional RPMs, SMUs and configuration files based on requirement.
The ease of installation and the time taken to seamlessly install or upgrade a system plays a vital role in a cloud-scale network. An installation process that is time-consuming and complex affects the resiliency and scale of the network. The GISO simplifies the installation process, automates the installation workflow, and manages the dependencies in RPMs and SMUs automatically.
GISO is built using a build script gisobuild.py available on the box in /pkg/bin location in XR domain. For more information about the build script and the steps to build GISO, see Build Golden ISO.
When a system boots with GISO, additional SMUs and RPMs in GISO are installed automatically, and the router is pre-configured with the XR configuration in GISO. For more information about downloading and installing GISO, see Install Golden ISO.
The following are the known problems and limitations with the customized ISO:
The following image shows the workflow for building and installing golden ISO.
The customized ISO is built using Cisco Golden ISO (GISO) build script gisobuild.py available on the box in /pkg/bin location in XR domain.
Builds RPM database of all the packages present in package repository.
Skips and removes Cisco RPMs that do not match the mini-x.iso version.
Skips and removes third-party RPMs that are not SMUs of already existing third-party base package in mini-x.iso.
Displays an error and exits build process if there are multiple base RPMs of same release but different versions.
Performs compatibility check and dependency check for all the RPMs. For example, the child RPM ncs5500-mpls-te-rsvp is dependent on the parent RPM ncs5500-mpls . If only the child RPM is included, the Golden ISO build fails.
Note | Golden ISO can be built only from mini ISO. The full or fullk9 bundle ISO is not supported. |
GISO Build |
Format |
Example |
---|---|---|
GISO without k9sec RPM |
<platform-name>-golden-x.iso-<version>.<label> <platform-name>-golden-x-<version>.iso.<label> |
<platform-name>-golden-x64.iso-<version>.v1 <platform-name>-golden-x64-<version>.iso.v1 |
GISO with k9sec RPM |
<platform-name>-goldenk9-x.iso-<version>.<label> <platform-name>-goldenk9-x-<version>.iso.<label> |
<platform-name>-goldenk9-x64.iso-<version>.v1 <platform-name>-goldenk9-x64-<version>.iso.v1 |
Note | To successfully add k9sec RPM to GISO, change the permission of the file to 644 using the chmod command. chmod 644 [k9 sec rpm] |
To build GISO, perform the following steps:
To upgrade from non-GISO to GISO version, it is mandatory to first upgrade to mini ISO with GISO support. For NCS 5500 series routers, upgrade to release 6.2.2 or later.
System must have Python version 2.7 and later.
System must have free disk space of minimum 3 to 4 GB.
Verify that the Linux utilities mount, rm, cp, umount, zcat, chroot, mkisofs are present in the system. These utilities will be used by the script. Ensure privileges are available to execute all of these Linux commands.
Kernel version of the system must be later than 3.16 or later than the version of kernel of Cisco ISO.
Verify that a libyaml rpm supported by the Linux kernel is available to successfully import yaml in the tool.
User should have proper permission for security rpm(k9sec-rpm) in rpm repository, else security rpm would be ignored for Golden ISO creation.
The system from where the gisobuild script is executed must have root credentials.
Note | The GISO script does not support verification of XR configuration. |
Install the golden ISO on the router.
Step 1 | Download GISO
image to the router using one of the following options:
|
Step 2 | Run the
show install repository
all command in System Admin mode to view the RPMs and base ISO
for host, system admin and XR.
sysadmin-vm:0_RP0# show install repository all Admin repository --------------------- ncs5500-sysadmin-6.2.2 ncs5500-sysadmin-hostos-6.2.2-r622.CSCcv10001.admin.x86_64 ncs5500-sysadmin-hostos-6.2.2-r622.CSCcv10001.admin.arm ncs5500-sysadmin-system-6.2.2-r622.CSCcv10005.x86_64 ncs5500-sysadmin-system-6.2.2-r622.CSCcv10005.arm .... XR repository ------------------ ncs5500-iosxr-mgbl-3.0.0.0-r622.x86_64 ncs5500-xr-6.2.2 .... Host repository --------------------- host-6.2.2 |
Step 3 | Run the
show install package
<golden-iso> command to display the list of RPMs, and
packages built in GISO.
Router#show install package ncs5500-goldenk9-x64-6.2.2 This may take a while ... ISO Name: ncs5500-goldenk9-x64-6.2.2 ISO Type: bundle ISO Bundled: ncs5500-mini-x64-6.2.2 Golden ISO Label: temp ISO Contents: ISO Name: ncs5500-xr-6.2.2 ISO Type: xr rpms in xr ISO: iosxr-os-ncs5500-64-5.0.0.0-r622 iosxr-ce-ncs5500-64-3.0.0.0-r622 iosxr-infra-ncs5500-64-4.0.0.0-r622 iosxr-fwding-ncs5500-64-4.0.0.0-r622 iosxr-routing-ncs5500-64-3.1.0.0-r6122 ISO Name: ncs5500-sysadmin-6.2.2 ISO Type: sysadmin rpms in sysadmin ISO: ncs5500-sysadmin-topo-6.2.2-r622 ncs5500-sysadmin-shared-6.2.2-r622 ncs5500-sysadmin-system-6.2.2-r622 ncs5500-sysadmin-hostos-6.2.2-r622.admin ... ISO Name: host-6.2.2 ISO Type: host rpms in host ISO: ncs5500-sysadmin-hostos-6.2.2-r622.host Golden ISO Rpms: xr rpms in golden ISO: ncs5500-k9sec-x64-2.2.0.1-r622.CSCxr33333.x86_64.rpm openssh-scp-6.6p1.p1-r0.0.CSCtp12345.xr.x86_64.rpm openssh-scp-6.6p1-r0.0.xr.x86_64.rpm ncs5500-mpls-x64-2.1.0.0-r622.x86_64.rpm ncs5500-k9sec-x64-2.2.0.0-r622.x86_64.rpm sysadmin rpms in golden ISO: ncs5500-sysadmin-system-6.2.2-r622.CSCcv11111.x86_64.rpm ncs5500-sysadmin-system-6.2.2-r622.CSCcv11111.arm.rpm openssh-scp-6.6p1-r0.0.admin.x86_64.rpm openssh-scp-6.6p1-r0.0.admin.arm.rpm openssh-scp-6.6p1.p1-r0.0.CSCtp12345.admin.x86_64.rpm openssh-scp-6.6p1.p1-r0.0.CSCtp12345.admin.arm.rpm ncs5500-sysadmin-hostos-6.2.2-r622.CSCcv10001.admin.x86_64.rpm ncs5500-sysadmin-hostos-6.2.2-r622.CSCcv10001.admin.arm.rpm host rpms in golden ISO: openssh-scp-6.6p1-r0.0.host.x86_64.rpm openssh-scp-6.6p1-r0.0.host.arm.rpm openssh-scp-6.6p1.p1-r0.0.CSCtp12345.host.x86_64.rpm openssh-scp-6.6p1.p1-r0.0.CSCtp12345.host.arm.rpm |
The ISO, SMUs and packages in GISO are installed on the router.