2017-01-25 15:15:26 +00:00
|
|
|
# (c) 2016 Red Hat Inc.
|
2017-08-20 15:20:30 +00:00
|
|
|
# (c) 2017 Ansible Project
|
|
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
|
|
2017-09-08 18:08:31 +00:00
|
|
|
from __future__ import (absolute_import, division, print_function)
|
|
|
|
|
__metaclass__ = type
|
|
|
|
|
|
|
|
|
|
DOCUMENTATION = """
|
2018-01-03 20:10:35 +00:00
|
|
|
---
|
|
|
|
|
author: Ansible Networking Team
|
|
|
|
|
connection: netconf
|
|
|
|
|
short_description: Provides a persistent connection using the netconf protocol
|
|
|
|
|
description:
|
|
|
|
|
- This connection plugin provides a connection to remote devices over the
|
|
|
|
|
SSH NETCONF subsystem. This connection plugin is typically used by
|
|
|
|
|
network devices for sending and receiving RPC calls over NETCONF.
|
|
|
|
|
- Note this connection plugin requires ncclient to be installed on the
|
|
|
|
|
local Ansible controller.
|
|
|
|
|
version_added: "2.3"
|
|
|
|
|
requirements:
|
|
|
|
|
- ncclient
|
|
|
|
|
options:
|
|
|
|
|
host:
|
|
|
|
|
description:
|
|
|
|
|
- Specifies the remote device FQDN or IP address to establish the SSH
|
|
|
|
|
connection to.
|
|
|
|
|
default: inventory_hostname
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_host
|
|
|
|
|
port:
|
|
|
|
|
type: int
|
|
|
|
|
description:
|
2018-09-11 18:23:38 +00:00
|
|
|
- Specifies the port on the remote device that listens for connections
|
2018-01-03 20:10:35 +00:00
|
|
|
when establishing the SSH connection.
|
|
|
|
|
default: 830
|
|
|
|
|
ini:
|
|
|
|
|
- section: defaults
|
|
|
|
|
key: remote_port
|
|
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_REMOTE_PORT
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_port
|
|
|
|
|
network_os:
|
|
|
|
|
description:
|
|
|
|
|
- Configures the device platform network operating system. This value is
|
|
|
|
|
used to load a device specific netconf plugin. If this option is not
|
|
|
|
|
configured, then the default netconf plugin will be used.
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_network_os
|
|
|
|
|
remote_user:
|
|
|
|
|
description:
|
|
|
|
|
- The username used to authenticate to the remote device when the SSH
|
|
|
|
|
connection is first established. If the remote_user is not specified,
|
|
|
|
|
the connection will use the username of the logged in user.
|
2018-09-11 18:23:38 +00:00
|
|
|
- Can be configured from the CLI via the C(--user) or C(-u) options.
|
2018-01-03 20:10:35 +00:00
|
|
|
ini:
|
|
|
|
|
- section: defaults
|
|
|
|
|
key: remote_user
|
|
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_REMOTE_USER
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_user
|
|
|
|
|
password:
|
|
|
|
|
description:
|
|
|
|
|
- Configures the user password used to authenticate to the remote device
|
|
|
|
|
when first establishing the SSH connection.
|
|
|
|
|
vars:
|
2018-04-04 13:45:57 +00:00
|
|
|
- name: ansible_password
|
|
|
|
|
- name: ansible_ssh_pass
|
2019-02-11 15:43:10 +00:00
|
|
|
- name: ansible_ssh_password
|
|
|
|
|
- name: ansible_netconf_password
|
2018-01-03 20:10:35 +00:00
|
|
|
private_key_file:
|
|
|
|
|
description:
|
2018-09-11 18:23:38 +00:00
|
|
|
- The private SSH key or certificate file used to authenticate to the
|
2018-01-03 20:10:35 +00:00
|
|
|
remote device when first establishing the SSH connection.
|
|
|
|
|
ini:
|
2018-08-02 15:38:51 +00:00
|
|
|
- section: defaults
|
|
|
|
|
key: private_key_file
|
2018-01-03 20:10:35 +00:00
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_PRIVATE_KEY_FILE
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_private_key_file
|
|
|
|
|
timeout:
|
|
|
|
|
type: int
|
|
|
|
|
description:
|
2018-09-11 18:23:38 +00:00
|
|
|
- Sets the connection time, in seconds, for communicating with the
|
|
|
|
|
remote device. This timeout is used as the default timeout value when
|
|
|
|
|
awaiting a response after issuing a call to a RPC. If the RPC
|
|
|
|
|
does not return in timeout seconds, an error is generated.
|
2018-01-03 20:10:35 +00:00
|
|
|
default: 120
|
|
|
|
|
host_key_auto_add:
|
2018-09-11 18:23:38 +00:00
|
|
|
type: boolean
|
2018-01-03 20:10:35 +00:00
|
|
|
description:
|
|
|
|
|
- By default, Ansible will prompt the user before adding SSH keys to the
|
2018-09-11 18:23:38 +00:00
|
|
|
known hosts file. By enabling this option, unknown host keys will
|
2018-01-03 20:10:35 +00:00
|
|
|
automatically be added to the known hosts file.
|
|
|
|
|
- Be sure to fully understand the security implications of enabling this
|
|
|
|
|
option on production systems as it could create a security vulnerability.
|
2018-09-11 18:23:38 +00:00
|
|
|
default: False
|
2018-01-03 20:10:35 +00:00
|
|
|
ini:
|
2018-08-02 15:38:51 +00:00
|
|
|
- section: paramiko_connection
|
|
|
|
|
key: host_key_auto_add
|
2018-01-03 20:10:35 +00:00
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_HOST_KEY_AUTO_ADD
|
2018-07-02 12:41:00 +00:00
|
|
|
look_for_keys:
|
|
|
|
|
default: True
|
2018-08-21 15:11:18 +00:00
|
|
|
description:
|
2018-09-11 18:23:38 +00:00
|
|
|
- Enables looking for ssh keys in the usual locations for ssh keys (e.g. :file:`~/.ssh/id_*`).
|
2018-07-02 12:41:00 +00:00
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS
|
|
|
|
|
ini:
|
|
|
|
|
- section: paramiko_connection
|
|
|
|
|
key: look_for_keys
|
|
|
|
|
type: boolean
|
|
|
|
|
host_key_checking:
|
|
|
|
|
description: 'Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host'
|
|
|
|
|
type: boolean
|
|
|
|
|
default: True
|
|
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_HOST_KEY_CHECKING
|
|
|
|
|
- name: ANSIBLE_SSH_HOST_KEY_CHECKING
|
|
|
|
|
- name: ANSIBLE_NETCONF_HOST_KEY_CHECKING
|
|
|
|
|
ini:
|
|
|
|
|
- section: defaults
|
|
|
|
|
key: host_key_checking
|
|
|
|
|
- section: paramiko_connection
|
|
|
|
|
key: host_key_checking
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_host_key_checking
|
|
|
|
|
- name: ansible_ssh_host_key_checking
|
|
|
|
|
- name: ansible_netconf_host_key_checking
|
2018-01-03 20:10:35 +00:00
|
|
|
persistent_connect_timeout:
|
|
|
|
|
type: int
|
|
|
|
|
description:
|
|
|
|
|
- Configures, in seconds, the amount of time to wait when trying to
|
|
|
|
|
initially establish a persistent connection. If this value expires
|
|
|
|
|
before the connection to the remote device is completed, the connection
|
2018-09-11 18:23:38 +00:00
|
|
|
will fail.
|
2018-01-03 20:10:35 +00:00
|
|
|
default: 30
|
|
|
|
|
ini:
|
2018-07-02 12:41:00 +00:00
|
|
|
- section: persistent_connection
|
|
|
|
|
key: connect_timeout
|
2018-01-03 20:10:35 +00:00
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT
|
2019-01-16 08:40:26 +00:00
|
|
|
vars:
|
|
|
|
|
- name: ansible_connect_timeout
|
2018-01-03 20:10:35 +00:00
|
|
|
persistent_command_timeout:
|
|
|
|
|
type: int
|
2017-08-20 15:20:30 +00:00
|
|
|
description:
|
2018-01-03 20:10:35 +00:00
|
|
|
- Configures, in seconds, the amount of time to wait for a command to
|
|
|
|
|
return from the remote device. If this timer is exceeded before the
|
|
|
|
|
command returns, the connection plugin will raise an exception and
|
2018-09-11 18:23:38 +00:00
|
|
|
close.
|
2019-01-21 05:20:52 +00:00
|
|
|
default: 30
|
2018-01-03 20:10:35 +00:00
|
|
|
ini:
|
2018-07-02 12:41:00 +00:00
|
|
|
- section: persistent_connection
|
|
|
|
|
key: command_timeout
|
2018-01-03 20:10:35 +00:00
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT
|
2018-07-20 04:34:53 +00:00
|
|
|
vars:
|
|
|
|
|
- name: ansible_command_timeout
|
2018-07-03 18:24:26 +00:00
|
|
|
netconf_ssh_config:
|
|
|
|
|
description:
|
2018-07-04 06:07:35 +00:00
|
|
|
- This variable is used to enable bastion/jump host with netconf connection. If set to
|
|
|
|
|
True the bastion/jump host ssh settings should be present in ~/.ssh/config file,
|
|
|
|
|
alternatively it can be set to custom ssh configuration file path to read the
|
|
|
|
|
bastion/jump host settings.
|
2018-07-03 18:24:26 +00:00
|
|
|
ini:
|
|
|
|
|
- section: netconf_connection
|
|
|
|
|
key: ssh_config
|
|
|
|
|
version_added: '2.7'
|
|
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_NETCONF_SSH_CONFIG
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_netconf_ssh_config
|
|
|
|
|
version_added: '2.7'
|
2018-12-21 15:31:43 +00:00
|
|
|
persistent_log_messages:
|
|
|
|
|
type: boolean
|
|
|
|
|
description:
|
|
|
|
|
- This flag will enable logging the command executed and response received from
|
|
|
|
|
target device in the ansible log file. For this option to work 'log_path' ansible
|
|
|
|
|
configuration option is required to be set to a file path with write access.
|
|
|
|
|
- Be sure to fully understand the security implications of enabling this
|
|
|
|
|
option as it could create a security vulnerability by logging sensitive information in log file.
|
|
|
|
|
default: False
|
|
|
|
|
ini:
|
|
|
|
|
- section: persistent_connection
|
|
|
|
|
key: log_messages
|
|
|
|
|
env:
|
|
|
|
|
- name: ANSIBLE_PERSISTENT_LOG_MESSAGES
|
|
|
|
|
vars:
|
|
|
|
|
- name: ansible_persistent_log_messages
|
2017-08-20 15:20:30 +00:00
|
|
|
"""
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
import os
|
2017-03-21 02:26:18 +00:00
|
|
|
import logging
|
2017-11-24 06:34:47 +00:00
|
|
|
import json
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
from ansible.errors import AnsibleConnectionFailure, AnsibleError
|
2017-11-24 06:34:47 +00:00
|
|
|
from ansible.module_utils._text import to_bytes, to_native, to_text
|
2018-07-04 06:07:35 +00:00
|
|
|
from ansible.module_utils.parsing.convert_bool import BOOLEANS_TRUE, BOOLEANS_FALSE
|
2017-08-15 20:38:59 +00:00
|
|
|
from ansible.plugins.loader import netconf_loader
|
2018-07-02 12:41:00 +00:00
|
|
|
from ansible.plugins.connection import NetworkConnectionBase
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
from ncclient import manager
|
|
|
|
|
from ncclient.operations import RPCError
|
|
|
|
|
from ncclient.transport.errors import SSHUnknownHostError
|
|
|
|
|
from ncclient.xml_ import to_ele, to_xml
|
2018-12-17 17:33:44 +00:00
|
|
|
HAS_NCCLIENT = True
|
2019-01-29 23:40:21 +00:00
|
|
|
NCCLIENT_IMP_ERR = None
|
|
|
|
|
except (ImportError, AttributeError) as err: # paramiko and gssapi are incompatible and raise AttributeError not ImportError
|
2018-12-17 17:33:44 +00:00
|
|
|
HAS_NCCLIENT = False
|
2019-01-29 23:40:21 +00:00
|
|
|
NCCLIENT_IMP_ERR = err
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2017-03-21 02:26:18 +00:00
|
|
|
logging.getLogger('ncclient').setLevel(logging.INFO)
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2018-04-03 21:01:59 +00:00
|
|
|
NETWORK_OS_DEVICE_PARAM_MAP = {
|
|
|
|
|
"nxos": "nexus",
|
2018-05-24 10:14:39 +00:00
|
|
|
"ios": "default",
|
2018-09-05 13:46:01 +00:00
|
|
|
"dellos10": "default",
|
2018-06-14 04:08:27 +00:00
|
|
|
"sros": "alu",
|
|
|
|
|
"ce": "huawei"
|
2018-03-01 16:53:14 +00:00
|
|
|
}
|
|
|
|
|
|
2017-03-23 14:29:24 +00:00
|
|
|
|
2018-07-02 12:41:00 +00:00
|
|
|
class Connection(NetworkConnectionBase):
|
2017-06-06 08:26:25 +00:00
|
|
|
"""NetConf connections"""
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
transport = 'netconf'
|
|
|
|
|
has_pipelining = False
|
|
|
|
|
|
|
|
|
|
def __init__(self, play_context, new_stdin, *args, **kwargs):
|
|
|
|
|
super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
|
|
|
|
|
|
2018-07-02 12:41:00 +00:00
|
|
|
self._network_os = self._network_os or 'default'
|
2018-09-20 13:56:43 +00:00
|
|
|
|
|
|
|
|
netconf = netconf_loader.get(self._network_os, self)
|
|
|
|
|
if netconf:
|
2018-12-11 21:26:59 +00:00
|
|
|
self._sub_plugin = {'type': 'netconf', 'name': self._network_os, 'obj': netconf}
|
2018-12-19 15:54:42 +00:00
|
|
|
self.queue_message('log', 'loaded netconf plugin for network_os %s' % self._network_os)
|
2018-09-20 13:56:43 +00:00
|
|
|
else:
|
|
|
|
|
netconf = netconf_loader.get("default", self)
|
2018-12-11 21:26:59 +00:00
|
|
|
self._sub_plugin = {'type': 'netconf', 'name': 'default', 'obj': netconf}
|
2018-12-19 15:54:42 +00:00
|
|
|
self.queue_message('display', 'unable to load netconf plugin for network_os %s, falling back to default plugin' % self._network_os)
|
|
|
|
|
self.queue_message('log', 'network_os is set to %s' % self._network_os)
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
self._manager = None
|
2018-08-21 15:11:18 +00:00
|
|
|
self.key_filename = None
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2018-07-02 12:41:00 +00:00
|
|
|
def exec_command(self, cmd, in_data=None, sudoable=True):
|
2017-11-09 20:04:40 +00:00
|
|
|
"""Sends the request to the node and returns the reply
|
|
|
|
|
The method accepts two forms of request. The first form is as a byte
|
|
|
|
|
string that represents xml string be send over netconf session.
|
|
|
|
|
The second form is a json-rpc (2.0) byte string.
|
|
|
|
|
"""
|
|
|
|
|
if self._manager:
|
|
|
|
|
# to_ele operates on native strings
|
2018-07-02 12:41:00 +00:00
|
|
|
request = to_ele(to_native(cmd, errors='surrogate_or_strict'))
|
2017-11-09 20:04:40 +00:00
|
|
|
|
|
|
|
|
if request is None:
|
|
|
|
|
return 'unable to parse request'
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
reply = self._manager.rpc(request)
|
|
|
|
|
except RPCError as exc:
|
2017-11-24 06:34:47 +00:00
|
|
|
error = self.internal_error(data=to_text(to_xml(exc.xml), errors='surrogate_or_strict'))
|
|
|
|
|
return json.dumps(error)
|
2017-11-09 20:04:40 +00:00
|
|
|
|
|
|
|
|
return reply.data_xml
|
|
|
|
|
else:
|
2018-07-02 12:41:00 +00:00
|
|
|
return super(Connection, self).exec_command(cmd, in_data, sudoable)
|
2017-11-09 20:04:40 +00:00
|
|
|
|
2017-01-25 15:15:26 +00:00
|
|
|
def _connect(self):
|
2018-12-17 17:33:44 +00:00
|
|
|
if not HAS_NCCLIENT:
|
|
|
|
|
raise AnsibleError(
|
Become plugins (#50991)
* [WIP] become plugins
Move from hardcoded method to plugins for ease of use, expansion and overrides
- load into connection as it is going to be the main consumer
- play_context will also use to keep backwards compat API
- ensure shell is used to construct commands when needed
- migrate settings remove from base config in favor of plugin specific configs
- cleanup ansible-doc
- add become plugin docs
- remove deprecated sudo/su code and keywords
- adjust become options for cli
- set plugin options from context
- ensure config defs are avaialbe before instance
- refactored getting the shell plugin, fixed tests
- changed into regex as they were string matching, which does not work with random string generation
- explicitly set flags for play context tests
- moved plugin loading up front
- now loads for basedir also
- allow pyc/o for non m modules
- fixes to tests and some plugins
- migrate to play objects fro play_context
- simiplify gathering
- added utf8 headers
- moved option setting
- add fail msg to dzdo
- use tuple for multiple options on fail/missing
- fix relative plugin paths
- shift from play context to play
- all tasks already inherit this from play directly
- remove obsolete 'set play'
- correct environment handling
- add wrap_exe option to pfexec
- fix runas to noop
- fixed setting play context
- added password configs
- removed required false
- remove from doc building till they are ready
future development:
- deal with 'enable' and 'runas' which are not 'command wrappers' but 'state flags' and currently hardcoded in diff subsystems
* cleanup
remove callers to removed func
removed --sudo cli doc refs
remove runas become_exe
ensure keyerorr on plugin
also fix backwards compat, missing method is attributeerror, not ansible error
get remote_user consistently
ignore missing system_tmpdirs on plugin load
correct config precedence
add deprecation
fix networking imports
backwards compat for plugins using BECOME_METHODS
* Port become_plugins to context.CLIARGS
This is a work in progress:
* Stop passing options around everywhere as we can use context.CLIARGS
instead
* Refactor make_become_commands as asked for by alikins
* Typo in comment fix
* Stop loading values from the cli in more than one place
Both play and play_context were saving default values from the cli
arguments directly. This changes things so that the default values are
loaded into the play and then play_context takes them from there.
* Rename BECOME_PLUGIN_PATH to DEFAULT_BECOME_PLUGIN_PATH
As alikins said, all other plugin paths are named
DEFAULT_plugintype_PLUGIN_PATH. If we're going to rename these, that
should be done all at one time rather than piecemeal.
* One to throw away
This is a set of hacks to get setting FieldAttribute defaults to command
line args to work. It's not fully done yet.
After talking it over with sivel and jimi-c this should be done by
fixing FieldAttributeBase and _get_parent_attribute() calls to do the
right thing when there is a non-None default.
What we want to be able to do ideally is something like this:
class Base(FieldAttributeBase):
_check_mode = FieldAttribute([..] default=lambda: context.CLIARGS['check'])
class Play(Base):
# lambda so that we have a chance to parse the command line args
# before we get here. In the future we might be able to restructure
# this so that the cli parsing code runs before these classes are
# defined.
class Task(Base):
pass
And still have a playbook like this function:
---
- hosts:
tasks:
- command: whoami
check_mode: True
(The check_mode test that is added as a separate commit in this PR will
let you test variations on this case).
There's a few separate reasons that the code doesn't let us do this or
a non-ugly workaround for this as written right now. The fix that
jimi-c, sivel, and I talked about may let us do this or it may still
require a workaround (but less ugly) (having one class that has the
FieldAttributes with default values and one class that inherits from
that but just overrides the FieldAttributes which now have defaults)
* Revert "One to throw away"
This reverts commit 23aa883cbed11429ef1be2a2d0ed18f83a3b8064.
* Set FieldAttr defaults directly from CLIARGS
* Remove dead code
* Move timeout directly to PlayContext, it's never needed on Play
* just for backwards compat, add a static version of BECOME_METHODS to constants
* Make the become attr on the connection public, since it's used outside of the connection
* Logic fix
* Nuke connection testing if it supports specific become methods
* Remove unused vars
* Address rebase issues
* Fix path encoding issue
* Remove unused import
* Various cleanups
* Restore network_cli check in _low_level_execute_command
* type improvements for cliargs_deferred_get and swap shallowcopy to default to False
* minor cleanups
* Allow the su plugin to work, since it doesn't define a prompt the same way
* Fix up ksu become plugin
* Only set prompt if build_become_command was called
* Add helper to assist connection plugins in knowing they need to wait for a prompt
* Fix tests and code expectations
* Doc updates
* Various additional minor cleanups
* Make doas functional
* Don't change connection signature, load become plugin from TaskExecutor
* Remove unused imports
* Add comment about setting the become plugin on the playcontext
* Fix up tests for recent changes
* Support 'Password:' natively for the doas plugin
* Make default prompts raw
* wording cleanups. ci_complete
* Remove unrelated changes
* Address spelling mistake
* Restore removed test, and udpate to use new functionality
* Add changelog fragment
* Don't hard fail in set_attributes_from_cli on missing CLI keys
* Remove unrelated change to loader
* Remove internal deprecated FieldAttributes now
* Emit deprecation warnings now
2019-02-11 17:27:44 +00:00
|
|
|
'The required "ncclient" python library is required to use the netconf connection type: %s.\n'
|
2019-01-29 23:40:21 +00:00
|
|
|
'Please run pip install ncclient' % to_native(NCCLIENT_IMP_ERR)
|
2018-12-17 17:33:44 +00:00
|
|
|
)
|
|
|
|
|
|
2018-12-19 15:54:42 +00:00
|
|
|
self.queue_message('log', 'ssh connection done, starting ncclient')
|
2017-03-21 02:26:18 +00:00
|
|
|
|
2017-11-09 20:04:40 +00:00
|
|
|
allow_agent = True
|
2017-01-25 15:15:26 +00:00
|
|
|
if self._play_context.password is not None:
|
2017-11-09 20:04:40 +00:00
|
|
|
allow_agent = False
|
2017-12-07 14:47:41 +00:00
|
|
|
setattr(self._play_context, 'allow_agent', allow_agent)
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2018-08-21 15:11:18 +00:00
|
|
|
self.key_filename = self._play_context.private_key_file or self.get_option('private_key_file')
|
|
|
|
|
if self.key_filename:
|
2018-09-04 06:29:08 +00:00
|
|
|
self.key_filename = str(os.path.expanduser(self.key_filename))
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2018-07-02 12:41:00 +00:00
|
|
|
if self._network_os == 'default':
|
2017-06-28 05:37:38 +00:00
|
|
|
for cls in netconf_loader.all(class_only=True):
|
|
|
|
|
network_os = cls.guess_network_os(self)
|
|
|
|
|
if network_os:
|
2018-12-19 15:54:42 +00:00
|
|
|
self.queue_message('log', 'discovered network_os %s' % network_os)
|
2018-07-02 12:41:00 +00:00
|
|
|
self._network_os = network_os
|
2017-06-28 05:37:38 +00:00
|
|
|
|
2018-07-02 12:41:00 +00:00
|
|
|
device_params = {'name': NETWORK_OS_DEVICE_PARAM_MAP.get(self._network_os) or self._network_os}
|
2017-03-21 02:26:18 +00:00
|
|
|
|
2018-07-03 18:24:26 +00:00
|
|
|
ssh_config = self.get_option('netconf_ssh_config')
|
2017-08-22 11:25:19 +00:00
|
|
|
if ssh_config in BOOLEANS_TRUE:
|
2017-08-18 18:04:30 +00:00
|
|
|
ssh_config = True
|
2018-07-04 06:07:35 +00:00
|
|
|
elif ssh_config in BOOLEANS_FALSE:
|
2017-08-22 11:25:19 +00:00
|
|
|
ssh_config = None
|
2017-08-18 18:04:30 +00:00
|
|
|
|
2017-01-25 15:15:26 +00:00
|
|
|
try:
|
2018-12-20 00:51:32 +00:00
|
|
|
port = self._play_context.port or 830
|
|
|
|
|
self.queue_message('vvv', "ESTABLISH NETCONF SSH CONNECTION FOR USER: %s on PORT %s TO %s" %
|
|
|
|
|
(self._play_context.remote_user, port, self._play_context.remote_addr))
|
2017-01-25 15:15:26 +00:00
|
|
|
self._manager = manager.connect(
|
|
|
|
|
host=self._play_context.remote_addr,
|
2018-12-20 00:51:32 +00:00
|
|
|
port=port,
|
2017-01-25 15:15:26 +00:00
|
|
|
username=self._play_context.remote_user,
|
|
|
|
|
password=self._play_context.password,
|
2018-09-04 06:29:08 +00:00
|
|
|
key_filename=self.key_filename,
|
2018-07-02 12:41:00 +00:00
|
|
|
hostkey_verify=self.get_option('host_key_checking'),
|
|
|
|
|
look_for_keys=self.get_option('look_for_keys'),
|
2018-01-24 16:18:41 +00:00
|
|
|
device_params=device_params,
|
2017-12-07 14:47:41 +00:00
|
|
|
allow_agent=self._play_context.allow_agent,
|
2019-01-21 06:51:09 +00:00
|
|
|
timeout=self.get_option('persistent_connect_timeout'),
|
2017-08-18 18:04:30 +00:00
|
|
|
ssh_config=ssh_config
|
2017-01-25 15:15:26 +00:00
|
|
|
)
|
|
|
|
|
except SSHUnknownHostError as exc:
|
2018-11-09 06:59:30 +00:00
|
|
|
raise AnsibleConnectionFailure(to_native(exc))
|
2017-11-09 20:04:40 +00:00
|
|
|
except ImportError as exc:
|
2018-07-02 12:41:00 +00:00
|
|
|
raise AnsibleError("connection=netconf is not supported on {0}".format(self._network_os))
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
if not self._manager.connected:
|
2017-06-06 08:26:25 +00:00
|
|
|
return 1, b'', b'not connected'
|
2017-01-25 15:15:26 +00:00
|
|
|
|
2018-12-19 15:54:42 +00:00
|
|
|
self.queue_message('log', 'ncclient manager object created successfully')
|
2017-03-21 02:26:18 +00:00
|
|
|
|
2017-01-25 15:15:26 +00:00
|
|
|
self._connected = True
|
2017-06-06 08:26:25 +00:00
|
|
|
|
2018-08-28 21:30:50 +00:00
|
|
|
super(Connection, self)._connect()
|
|
|
|
|
|
2017-06-06 08:26:25 +00:00
|
|
|
return 0, to_bytes(self._manager.session_id, errors='surrogate_or_strict'), b''
|
2017-01-25 15:15:26 +00:00
|
|
|
|
|
|
|
|
def close(self):
|
|
|
|
|
if self._manager:
|
|
|
|
|
self._manager.close_session()
|
|
|
|
|
super(Connection, self).close()
|
