From d96aa55d4c87aaf82986d00d9d1b819389ac12a4 Mon Sep 17 00:00:00 2001 From: Dave Kasberg Date: Thu, 2 Mar 2017 08:09:33 -0800 Subject: [PATCH] New module: cnos_save (#21754) * initial comment of cnos_save * Move roles to integration/roles directory and remove aliases file. * update the module short description * Change module directory name to Lenovo * change import cnos statement --- .../modules/network/lenovo/cnos_save.py | 141 ++++++++++++++++++ test/integration/roles/cnos_save/README.md | 94 ++++++++++++ .../roles/cnos_save/cnos_save_sample_hosts | 15 ++ .../roles/cnos_save/tasks/main.yml | 18 +++ .../integration/roles/cnos_save/vars/main.yml | 9 ++ 5 files changed, 277 insertions(+) create mode 100644 lib/ansible/modules/network/lenovo/cnos_save.py create mode 100644 test/integration/roles/cnos_save/README.md create mode 100644 test/integration/roles/cnos_save/cnos_save_sample_hosts create mode 100644 test/integration/roles/cnos_save/tasks/main.yml create mode 100644 test/integration/roles/cnos_save/vars/main.yml diff --git a/lib/ansible/modules/network/lenovo/cnos_save.py b/lib/ansible/modules/network/lenovo/cnos_save.py new file mode 100644 index 0000000000..8d6b179fd2 --- /dev/null +++ b/lib/ansible/modules/network/lenovo/cnos_save.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Lenovo, Inc. +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . +# +# Module to save running config to start up config to Lenovo Switches +# Lenovo Networking +# + +ANSIBLE_METADATA = {'status': ['preview'], + 'supported_by': 'community', + 'version': '1.0'} + +DOCUMENTATION = ''' +--- +module: cnos_save +short_description: Save the running configuration as the startup configuration on devices running Lenovo CNOS +description: + - This module allows you to copy the running configuration of a switch over its startup configuration. + It is recommended to use this module shortly after any major configuration changes so they persist after + a switch restart. This module uses SSH to manage network device configuration. + The results of the operation will be placed in a directory named 'results' + that must be created by the user in their local directory to where the playbook is run. + For more information about this module from Lenovo and customizing it usage for your + use cases, please visit our [User Guide](http://systemx.lenovofiles.com/help/index.jsp?topic=%2Fcom.lenovo.switchmgt.ansible.doc%2Fcnos_save.html) +version_added: "2.3" +extends_documentation_fragment: cnos +options: {} + +''' +EXAMPLES = ''' +Tasks : The following are examples of using the module cnos_save. These are written in the main.yml file of the tasks directory. +--- +- name: Test Save + cnos_save: + host: "{{ inventory_hostname }}" + username: "{{ hostvars[inventory_hostname]['username'] }}" + password: "{{ hostvars[inventory_hostname]['password'] }}" + deviceType: "{{ hostvars[inventory_hostname]['deviceType'] }}" + enablePassword: "{{ hostvars[inventory_hostname]['enablePassword'] }}" + outputfile: "./results/test_save_{{ inventory_hostname }}_output.txt" +''' +RETURN = ''' + return value: | + On successful execution, the method returns a message in JSON format + [Switch Running Config is Saved to Startup Config] + Upon any failure, the method returns an error display string. +''' + +import sys +import paramiko +import time +import argparse +import socket +import array +import json +import time +import re +try: + from ansible.module_utils import cnos + HAS_LIB = True +except: + HAS_LIB = False +from ansible.module_utils.basic import AnsibleModule +from collections import defaultdict + + +def main(): + module = AnsibleModule( + argument_spec=dict( + outputfile=dict(required=True), + host=dict(required=True), + username=dict(required=True), + password=dict(required=True, no_log=True), + enablePassword=dict(required=False, no_log=True), + deviceType=dict(required=True),), + supports_check_mode=False) + + username = module.params['username'] + password = module.params['password'] + enablePassword = module.params['enablePassword'] + cliCommand = "save memory \n" + outputfile = module.params['outputfile'] + hostIP = module.params['host'] + deviceType = module.params['deviceType'] + output = "" + + # Create instance of SSHClient object + remote_conn_pre = paramiko.SSHClient() + + # Automatically add untrusted hosts (make sure okay for security policy in your environment) + remote_conn_pre.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + + # initiate SSH connection with the switch + remote_conn_pre.connect(hostIP, username=username, password=password) + time.sleep(2) + + # Use invoke_shell to establish an 'interactive session' + remote_conn = remote_conn_pre.invoke_shell() + time.sleep(2) + + # Enable and enter configure terminal then send command + output = output + cnos.waitForDeviceResponse("\n", ">", 2, remote_conn) + + output = output + cnos.enterEnableModeForDevice(enablePassword, 3, remote_conn) + + # Make terminal length = 0 + output = output + cnos.waitForDeviceResponse("terminal length 0\n", "#", 2, remote_conn) + + # cnos.debugOutput(cliCommand) + # Send the CLi command + output = output + cnos.waitForDeviceResponse(cliCommand, "#", 2, remote_conn) + + # Save it into the file + file = open(outputfile, "a") + file.write(output) + file.close() + + errorMsg = cnos.checkOutputForError(output) + if(errorMsg is None): + module.exit_json(changed=True, msg="Switch Running Config is Saved to Startup Config ") + else: + module.fail_json(msg=errorMsg) + +if __name__ == '__main__': + main() diff --git a/test/integration/roles/cnos_save/README.md b/test/integration/roles/cnos_save/README.md new file mode 100644 index 0000000000..c80630b897 --- /dev/null +++ b/test/integration/roles/cnos_save/README.md @@ -0,0 +1,94 @@ +# Ansible Role: cnos_save_sample - Saving the switch running configuration +--- + + +This role is an example of using the *cnos_save.py* Lenovo module in the context of CNOS switch configuration. This module allows you to copy the running configuration of a switch over its startup configuration. It is recommended to use this module shortly after any major configuration changes so they persist after a switch restart. + +The results of the operation can be viewed in *results* directory. + +For more details, see [Lenovo modules for Ansible: cnos_save](http://systemx.lenovofiles.com/help/index.jsp?topic=%2Fcom.lenovo.switchmgt.ansible.doc%2Fcnos_save.html&cp=0_3_1_0_4_3). + + +## Requirements +--- + + +- Ansible version 2.2 or later ([Ansible installation documentation](http://docs.ansible.com/ansible/intro_installation.html)) +- Lenovo switches running CNOS version 10.2.1.0 or later +- an SSH connection to the Lenovo switch (SSH must be enabled on the network device) + + +## Role Variables +--- + + +Available variables are listed below, along with description. + +The following are mandatory inventory variables: + +Variable | Description +--- | --- +`username` | Specifies the username used to log into the switch +`password` | Specifies the password used to log into the switch +`enablePassword` | Configures the password used to enter Global Configuration command mode on the switch (this is an optional parameter) +`hostname` | Searches the hosts file at */etc/ansible/hosts* and identifies the IP address of the switch on which the role is going to be applied +`deviceType` | Specifies the type of device from where the configuration will be backed up (**g8272_cnos** - G8272, **g8296_cnos** - G8296) + + +## Dependencies +--- + + +- username.iptables - Configures the firewall and blocks all ports except those needed for web server and SSH access. +- username.common - Performs common server configuration. +- cnos_save.py - This modules needs to be present in the *library* directory of the role. +- cnos.py - This module needs to be present in the PYTHONPATH environment variable set in the Ansible system. +- /etc/ansible/hosts - You must edit the */etc/ansible/hosts* file with the device information of the switches designated as leaf switches. You may refer to *cnos_save_sample_hosts* for a sample configuration. + +Ansible keeps track of all network elements that it manages through a hosts file. Before the execution of a playbook, the hosts file must be set up. + +Open the */etc/ansible/hosts* file with root privileges. Most of the file is commented out by using **#**. You can also comment out the entries you will be adding by using **#**. You need to copy the content of the hosts file for the role into the */etc/ansible/hosts* file. The sample hosts file for the role is located in the main directory. + +``` +[cnos_save_sample] +10.241.107.39 username= password= deviceType=g8272_cnos +10.241.107.40 username= password= deviceType=g8272_cnos +``` + +**Note:** You need to change the IP addresses to fit your specific topology. You also need to change the `` and `` to the appropriate values used to log into the specific Lenovo network devices. + + +## Example Playbook +--- + + +To execute an Ansible playbook, use the following command: + +``` +ansible-playbook cnos_save_sample.yml -vvv +``` + +`-vvv` is an optional verbos command that helps identify what is happening during playbook execution. The playbook for each role is located in the main directory of the solution. + +``` + - name: Module to do save configurations + hosts: cnos_save_sample + gather_facts: no + connection: local + roles: + - cnos_save_sample +``` + + +## License +--- + +Copyright (C) 2017 Lenovo, Inc. + +This file is part of Ansible + +Ansible is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. + +Ansible is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along with Ansible. If not, see . \ No newline at end of file diff --git a/test/integration/roles/cnos_save/cnos_save_sample_hosts b/test/integration/roles/cnos_save/cnos_save_sample_hosts new file mode 100644 index 0000000000..cc207735b7 --- /dev/null +++ b/test/integration/roles/cnos_save/cnos_save_sample_hosts @@ -0,0 +1,15 @@ +# You have to paste this dummy information in /etc/ansible/hosts +# Notes: +# - Comments begin with the '#' character +# - Blank lines are ignored +# - Groups of hosts are delimited by [header] elements +# - You can enter hostnames or ip addresses +# - A hostname/ip can be a member of multiple groups +# +# In the /etc/ansible/hosts file u have to enter [cnos_save_sample] tag +# Following you should specify IP Adresses details +# Please change and with appropriate value for your switch. + +[cnos_save_sample] +10.241.107.39 username= password= deviceType=g8272_cnos + diff --git a/test/integration/roles/cnos_save/tasks/main.yml b/test/integration/roles/cnos_save/tasks/main.yml new file mode 100644 index 0000000000..c6e5a5d5ee --- /dev/null +++ b/test/integration/roles/cnos_save/tasks/main.yml @@ -0,0 +1,18 @@ +# This contain sample template execution tasks +--- +- name: Test Save + cnos_save: host={{ inventory_hostname }} username={{ hostvars[inventory_hostname]['username']}} password={{ hostvars[inventory_hostname]['password']}} deviceType={{ hostvars[inventory_hostname]['deviceType']}} outputfile=./results/cnos_save_{{ inventory_hostname }}_output.txt + with_items: "{{cnos_save_data1}}" + +- name: Test Reset to factory + cnos_factory: host={{ inventory_hostname }} username={{ hostvars[inventory_hostname]['username']}} password={{ hostvars[inventory_hostname]['password']}} deviceType={{ hostvars[inventory_hostname]['deviceType']}} outputfile=./results/cnos_save_{{ inventory_hostname }}_output.txt + with_items: "{{cnos_save_data2}}" + +- name: Test Again save + cnos_save: host={{ inventory_hostname }} username={{ hostvars[inventory_hostname]['username']}} password={{ hostvars[inventory_hostname]['password']}} deviceType={{ hostvars[inventory_hostname]['deviceType']}} outputfile=./results/cnos_save_{{ inventory_hostname }}_output.txt + with_items: "{{cnos_save_data3}}" + +- name: Test Reload + cnos_reload: host={{ inventory_hostname }} username={{ hostvars[inventory_hostname]['username']}} password={{ hostvars[inventory_hostname]['password']}} deviceType={{ hostvars[inventory_hostname]['deviceType']}} outputfile=./results/cnos_save_{{ inventory_hostname }}_output.txt + with_items: "{{cnos_save_data4}}" +# Completed file diff --git a/test/integration/roles/cnos_save/vars/main.yml b/test/integration/roles/cnos_save/vars/main.yml new file mode 100644 index 0000000000..e577a44753 --- /dev/null +++ b/test/integration/roles/cnos_save/vars/main.yml @@ -0,0 +1,9 @@ +--- +cnos_save_data1: + - {} +cnos_save_data2: + - {} +cnos_save_data3: + - {} +cnos_save_data4: + - {}