NX-OS CLI

While exploring the new environment you’ll find that the NX-OS is a modified CentOS system. Once logged in, you’ll be able to use both the “traditional” Linux commands and the NX-OS commands.

The reference document for all NX-OS commands is available here:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/cli/nx/cfg/b_APIC_NXOS_CLI_User_Guide.html

I’ve also found a nice “cheat sheet” on the community portal (maybe outdated).

https://community.cisco.com/t5/data-center-documents/cisco-aci-cli-commands-quot-cheat-sheet-quot/ta-p/3145799

When accessing the ACI components via the CLI, you ought to be really, really careful! When accessing the APIC via the GUI, there is quite a lot of logic active behind the scenes to prevent bad things from happening.

In the beginning (APIC release 1.0 – 1.2) the default CLI was the bash shell; this has since changed to the NX-OS style CLI.

If you are used to Cisco IOS, you’ll find that command completion works the same way: the “TAB” key completes a command, and “?” shows the next command options.

apic1# show running-config ?
 <CR>
 aaa                      Show Authentication, Authorization, and Accounting configuration
 all                      Show running-config with defaults
 analytics                Show external analytics reachability information
 bd-enf-exp-ip            Enable Enforced BD Flag
 bgp-fabric               Border Gateway Protocol (BGP)
 callhome                 Show Callhome policy
 clock                    Show Clock
 comm-policy              Show communication policy
 controller               Show Controller Node
 coop-fabric              Council Of Oracles Protocol (COOP)
 crypto                   Show crypto settings
...

To display the entire system setup:

apic1# show running-config all
# Command: show running-config all 
# Time: Thu Jun 18 11:44:32 2020
  power redundancy-policy default
    redundancy-mode combined
    exit
  aaa banner 'Application Policy Infrastructure Controller'
  aaa user default-role no-login
  aaa authentication login console
    realm local
    exit
  aaa authentication login default
    realm local
    exit
  aaa authentication login domain fallback
    realm local

As a quick example, the controller CLI banner can be changed via either the CLI or the GUI.

After pressing “Submit” in the GUI, the change is also visible via the CLI:

apic1(config)# show running-config aaa 
# Command: show running-config aaa
# Time: Thu Jun 18 11:54:32 2020
  aaa banner 'APIC 1'
  aaa authentication login console
    exit
  aaa authentication login default
    exit
  aaa authentication login domain fallback
    exit

And after changing it via the CLI:

apic1(config)# aaa banner "Banner name changed via CLI"
apic1(config)# 

you’ll see the change immediately (after pressing the refresh button directly above the properties box).


The changes will be logged by auditing as well.
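As a complement to the audit log, here is an added example (not part of the original post) that diffs two saved captures of "show running-config aaa" and reports which statements changed, including statements nested inside a block. The two captures are constructed from the output format shown above, and the function names are hypothetical.

```python
# Constructed sample captures in the format of `show running-config aaa`.
BEFORE = """\
# Command: show running-config aaa
# Time: Thu Jun 18 11:54:32 2020
  aaa banner 'APIC 1'
  aaa authentication login console
    exit
  aaa authentication login default
    exit
"""
AFTER = """\
# Command: show running-config aaa
# Time: Thu Jun 18 12:10:00 2020
  aaa banner 'Banner name changed via CLI'
  aaa authentication login console
    exit
  aaa authentication login default
    realm local
    exit
"""

def parse_config(text):
    """Return a set of (context, statement) pairs.

    context is the tuple of enclosing block headers, derived from indentation.
    """
    statements = set()
    stack = []  # (indent, header) for each currently open block
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and the "# Command:" / "# Time:" header
        indent = len(raw) - len(raw.lstrip(" "))
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave blocks that are not parents of this line
        if line == "exit":
            continue  # block terminator, carries no configuration
        statements.add((tuple(h for _, h in stack), line))
        stack.append((indent, line))
    return statements

def diff_config(before, after):
    """Report statements that appeared or disappeared between two captures."""
    old, new = parse_config(before), parse_config(after)
    return {"added": sorted(new - old), "removed": sorted(old - new)}

if __name__ == "__main__":
    for kind, items in diff_config(BEFORE, AFTER).items():
        for context, statement in items:
            print(kind, " / ".join(context + (statement,)))
```

Because the timestamp header and the "exit" lines are ignored, two captures of an unchanged configuration produce an empty diff.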




From a Linux perspective, many of the standard commands are available. But the capabilities are restricted, and you won’t be able to get root-level access; this is to protect the environment and, in the end, yourself.

Quite nice: my favorite command, “htop”, is included.

If you are used to Linux, you should spend some time exploring the box, but don’t waste too much time.

You’ll also see that the simulated components (spine, leaf) are detached processes running on that VM.

apic1# ps -ef | grep leaf
root     18791     1  0 Jun16 ?        00:00:00 SCREEN -dmS leaf1
root     19573     1  0 Jun16 ?        00:00:00 SCREEN -dmS leaf2
apic1# ps -ef | grep spine
root     20919     1  0 Jun16 ?        00:00:00 SCREEN -dmS spine1