diff options
95 files changed, 10747 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..809ce26 --- /dev/null +++ b/.gitignore @@ -0,0 +1,56 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +bin/ +build/ +develop-eggs/ +dist/ +eggs/ +lib64/ +parts/ +sdist/ +var/ +*.egg-info/ +.installed.cfg +*.egg +rpmbuild + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.cache +nosetests.xml +coverage.xml + +# Translations +*.mo + +# Mr Developer +.mr.developer.cfg +.project +.pydevproject + +# Rope +.ropeproject + +# Django stuff: +*.log +*.pot + +# Sphinx documentation +docs/_build/ +docs/_modules/modules_by_category.rst +docs/_modules/list_of_*.rst +docs/_modules/*_module.rst diff --git a/.pylintrc b/.pylintrc new file mode 100644 index 0000000..6030306 --- /dev/null +++ b/.pylintrc @@ -0,0 +1,549 @@ +[MASTER] + +# A comma-separated list of package or module names from where C extensions may +# be loaded. Extensions are loading into the active Python interpreter and may +# run arbitrary code +extension-pkg-whitelist= + +# Add files or directories to the blacklist. They should be base names, not +# paths. +ignore=CVS + +# Add files or directories matching the regex patterns to the blacklist. The +# regex matches against base names, not paths. +ignore-patterns= + +# Python code to execute, usually for sys.path manipulation such as +# pygtk.require(). +#init-hook= + +# Use multiple processes to speed up Pylint. +jobs=1 + +# List of plugins (as comma separated values of python modules names) to load, +# usually to register additional checkers. +load-plugins= + +# Pickle collected data for later comparisons. +persistent=yes + +# Specify a configuration file. +#rcfile= + +# When enabled, pylint would attempt to guess common misconfiguration and emit +# user-friendly hints instead of false-positive error messages +suggestion-mode=yes + +# Allow loading of arbitrary C extensions. Extensions are imported into the +# active Python interpreter and may run arbitrary code. +unsafe-load-any-extension=no + + +[MESSAGES CONTROL] + +# Only show warnings with the listed confidence levels. Leave empty to show +# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED +confidence= + +# Disable the message, report, category or checker with the given id(s). You +# can either give multiple identifiers separated by comma (,) or put this +# option multiple times (only on the command line, not in the configuration +# file where it should appear only once).You can also use "--disable=all" to +# disable everything first and then reenable specific checks. For example, if +# you want to run only the similarities checker, you can use "--disable=all +# --enable=similarities". If you want to run only the classes checker, but have +# no Warning level messages displayed, use"--disable=all --enable=classes +# --disable=W" +disable=print-statement, + parameter-unpacking, + unpacking-in-except, + old-raise-syntax, + backtick, + long-suffix, + old-ne-operator, + old-octal-literal, + import-star-module-level, + non-ascii-bytes-literal, + invalid-unicode-literal, + raw-checker-failed, + bad-inline-option, + locally-disabled, + locally-enabled, + file-ignored, + suppressed-message, + useless-suppression, + deprecated-pragma, + apply-builtin, + basestring-builtin, + buffer-builtin, + cmp-builtin, + coerce-builtin, + execfile-builtin, + file-builtin, + long-builtin, + raw_input-builtin, + reduce-builtin, + standarderror-builtin, + unicode-builtin, + xrange-builtin, + coerce-method, + delslice-method, + getslice-method, + setslice-method, + no-absolute-import, + old-division, + dict-iter-method, + dict-view-method, + next-method-called, + metaclass-assignment, + indexing-exception, + raising-string, + reload-builtin, + oct-method, + hex-method, + nonzero-method, + cmp-method, + input-builtin, + round-builtin, + intern-builtin, + unichr-builtin, + map-builtin-not-iterating, + zip-builtin-not-iterating, + range-builtin-not-iterating, + filter-builtin-not-iterating, + using-cmp-argument, + eq-without-hash, + div-method, + idiv-method, + rdiv-method, + exception-message-attribute, + invalid-str-codec, + sys-max-int, + bad-python3-import, + deprecated-string-function, + deprecated-str-translate-call, + deprecated-itertools-function, + deprecated-types-field, + next-method-defined, + dict-items-not-iterating, + dict-keys-not-iterating, + dict-values-not-iterating, + deprecated-operator-function, + deprecated-urllib-function, + xreadlines-attribute, + deprecated-sys-function, + exception-escape, + comprehension-escape + +# Enable the message, report, category or checker with the given id(s). You can +# either give multiple identifier separated by comma (,) or put this option +# multiple time (only on the command line, not in the configuration file where +# it should appear only once). See also the "--disable" option for examples. +enable=c-extension-no-member + + +[REPORTS] + +# Python expression which should return a note less than 10 (10 is the highest +# note). You have access to the variables errors warning, statement which +# respectively contain the number of errors / warnings messages and the total +# number of statements analyzed. This is used by the global evaluation report +# (RP0004). +evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10) + +# Template used to display messages. This is a python new-style format string +# used to format the message information. See doc for all details +#msg-template= + +# Set the output format. Available formats are text, parseable, colorized, json +# and msvs (visual studio).You can also give a reporter class, eg +# mypackage.mymodule.MyReporterClass. +output-format=text + +# Tells whether to display a full report or only the messages +reports=no + +# Activate the evaluation score. +score=yes + + +[REFACTORING] + +# Maximum number of nested blocks for function / method body +max-nested-blocks=5 + +# Complete name of functions that never returns. When checking for +# inconsistent-return-statements if a never returning function is called then +# it will be considered as an explicit return statement and no message will be +# printed. +never-returning-functions=optparse.Values,sys.exit + + +[LOGGING] + +# Logging modules to check that the string format arguments are in logging +# function parameter format +logging-modules=logging + + +[SPELLING] + +# Limits count of emitted suggestions for spelling mistakes +max-spelling-suggestions=4 + +# Spelling dictionary name. Available dictionaries: none. To make it working +# install python-enchant package. +spelling-dict= + +# List of comma separated words that should not be checked. +spelling-ignore-words= + +# A path to a file that contains private dictionary; one word per line. +spelling-private-dict-file= + +# Tells whether to store unknown words to indicated private dictionary in +# --spelling-private-dict-file option instead of raising a message. +spelling-store-unknown-words=no + + +[MISCELLANEOUS] + +# List of note tags to take in consideration, separated by a comma. +notes=FIXME, + XXX, + TODO + + +[SIMILARITIES] + +# Ignore comments when computing similarities. +ignore-comments=yes + +# Ignore docstrings when computing similarities. +ignore-docstrings=yes + +# Ignore imports when computing similarities. +ignore-imports=no + +# Minimum lines number of a similarity. +min-similarity-lines=4 + + +[TYPECHECK] + +# List of decorators that produce context managers, such as +# contextlib.contextmanager. Add to this list to register other decorators that +# produce valid context managers. +contextmanager-decorators=contextlib.contextmanager + +# List of members which are set dynamically and missed by pylint inference +# system, and so shouldn't trigger E1101 when accessed. Python regular +# expressions are accepted. +generated-members= + +# Tells whether missing members accessed in mixin class should be ignored. A +# mixin class is detected if its name ends with "mixin" (case insensitive). +ignore-mixin-members=yes + +# This flag controls whether pylint should warn about no-member and similar +# checks whenever an opaque object is returned when inferring. The inference +# can return multiple potential results while evaluating a Python object, but +# some branches might not be evaluated, which results in partial inference. In +# that case, it might be useful to still emit no-member and other checks for +# the rest of the inferred objects. +ignore-on-opaque-inference=yes + +# List of class names for which member attributes should not be checked (useful +# for classes with dynamically set attributes). This supports the use of +# qualified names. +ignored-classes=optparse.Values,thread._local,_thread._local + +# List of module names for which member attributes should not be checked +# (useful for modules/projects where namespaces are manipulated during runtime +# and thus existing member attributes cannot be deduced by static analysis. It +# supports qualified module names, as well as Unix pattern matching. +ignored-modules= + +# Show a hint with possible names when a member name was not found. The aspect +# of finding the hint is based on edit distance. +missing-member-hint=yes + +# The minimum edit distance a name should have in order to be considered a +# similar match for a missing member name. +missing-member-hint-distance=1 + +# The total number of similar names that should be taken in consideration when +# showing a hint for a missing member. +missing-member-max-choices=1 + + +[VARIABLES] + +# List of additional names supposed to be defined in builtins. Remember that +# you should avoid to define new builtins when possible. +additional-builtins= + +# Tells whether unused global variables should be treated as a violation. +allow-global-unused-variables=yes + +# List of strings which can identify a callback function by name. A callback +# name must start or end with one of those strings. +callbacks=cb_, + _cb + +# A regular expression matching the name of dummy variables (i.e. expectedly +# not used). +dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_ + +# Argument names that match this expression will be ignored. Default to name +# with leading underscore +ignored-argument-names=_.*|^ignored_|^unused_ + +# Tells whether we should check for unused import in __init__ files. +init-import=no + +# List of qualified module names which can have objects that can redefine +# builtins. +redefining-builtins-modules=six.moves,past.builtins,future.builtins,io,builtins + + +[FORMAT] + +# Expected format of line ending, e.g. empty (any line ending), LF or CRLF. +expected-line-ending-format= + +# Regexp for a line that is allowed to be longer than the limit. +ignore-long-lines=^\s*(# )?<?https?://\S+>?$ + +# Number of spaces of indent required inside a hanging or continued line. +indent-after-paren=4 + +# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 +# tab). +indent-string=' ' + +# Maximum number of characters on a single line. +max-line-length=100 + +# Maximum number of lines in a module +max-module-lines=1000 + +# List of optional constructs for which whitespace checking is disabled. `dict- +# separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}. +# `trailing-comma` allows a space between comma and closing bracket: (a, ). +# `empty-line` allows space-only lines. +no-space-check=trailing-comma, + dict-separator + +# Allow the body of a class to be on the same line as the declaration if body +# contains single statement. +single-line-class-stmt=no + +# Allow the body of an if to be on the same line as the test if there is no +# else. +single-line-if-stmt=no + + +[BASIC] + +# Naming style matching correct argument names +argument-naming-style=snake_case + +# Regular expression matching correct argument names. Overrides argument- +# naming-style +#argument-rgx= + +# Naming style matching correct attribute names +attr-naming-style=snake_case + +# Regular expression matching correct attribute names. Overrides attr-naming- +# style +#attr-rgx= + +# Bad variable names which should always be refused, separated by a comma +bad-names=foo, + bar, + baz, + toto, + tutu, + tata + +# Naming style matching correct class attribute names +class-attribute-naming-style=any + +# Regular expression matching correct class attribute names. Overrides class- +# attribute-naming-style +#class-attribute-rgx= + +# Naming style matching correct class names +class-naming-style=PascalCase + +# Regular expression matching correct class names. Overrides class-naming-style +#class-rgx= + +# Naming style matching correct constant names +const-naming-style=UPPER_CASE + +# Regular expression matching correct constant names. Overrides const-naming- +# style +#const-rgx= + +# Minimum line length for functions/classes that require docstrings, shorter +# ones are exempt. +docstring-min-length=-1 + +# Naming style matching correct function names +function-naming-style=snake_case + +# Regular expression matching correct function names. Overrides function- +# naming-style +#function-rgx= + +# Good variable names which should always be accepted, separated by a comma +good-names=i, + j, + k, + ex, + Run, + _ + +# Include a hint for the correct naming format with invalid-name +include-naming-hint=no + +# Naming style matching correct inline iteration names +inlinevar-naming-style=any + +# Regular expression matching correct inline iteration names. Overrides +# inlinevar-naming-style +#inlinevar-rgx= + +# Naming style matching correct method names +method-naming-style=snake_case + +# Regular expression matching correct method names. Overrides method-naming- +# style +#method-rgx= + +# Naming style matching correct module names +module-naming-style=snake_case + +# Regular expression matching correct module names. Overrides module-naming- +# style +#module-rgx= + +# Colon-delimited sets of names that determine each other's naming style when +# the name regexes allow several styles. +name-group= + +# Regular expression which should only match function or class names that do +# not require a docstring. +no-docstring-rgx=^_ + +# List of decorators that produce properties, such as abc.abstractproperty. Add +# to this list to register other decorators that produce valid properties. +property-classes=abc.abstractproperty + +# Naming style matching correct variable names +variable-naming-style=snake_case + +# Regular expression matching correct variable names. Overrides variable- +# naming-style +#variable-rgx= + + +[DESIGN] + +# Maximum number of arguments for function / method +max-args=5 + +# Maximum number of attributes for a class (see R0902). +max-attributes=7 + +# Maximum number of boolean expressions in a if statement +max-bool-expr=5 + +# Maximum number of branch for function / method body +max-branches=12 + +# Maximum number of locals for function / method body +max-locals=15 + +# Maximum number of parents for a class (see R0901). +max-parents=7 + +# Maximum number of public methods for a class (see R0904). +max-public-methods=20 + +# Maximum number of return / yield for function / method body +max-returns=6 + +# Maximum number of statements in function / method body +max-statements=50 + +# Minimum number of public methods for a class (see R0903). +min-public-methods=2 + + +[CLASSES] + +# List of method names used to declare (i.e. assign) instance attributes. +defining-attr-methods=__init__, + __new__, + setUp + +# List of member names, which should be excluded from the protected access +# warning. +exclude-protected=_asdict, + _fields, + _replace, + _source, + _make + +# List of valid names for the first argument in a class method. +valid-classmethod-first-arg=cls + +# List of valid names for the first argument in a metaclass class method. +valid-metaclass-classmethod-first-arg=mcs + + +[IMPORTS] + +# Allow wildcard imports from modules that define __all__. +allow-wildcard-with-all=no + +# Analyse import fallback blocks. This can be used to support both Python 2 and +# 3 compatible code, which means that the block might have code that exists +# only in one or another interpreter, leading to false positives when analysed. +analyse-fallback-blocks=no + +# Deprecated modules which should not be used, separated by a comma +deprecated-modules=regsub, + TERMIOS, + Bastion, + rexec + +# Create a graph of external dependencies in the given file (report RP0402 must +# not be disabled) +ext-import-graph= + +# Create a graph of every (i.e. internal and external) dependencies in the +# given file (report RP0402 must not be disabled) +import-graph= + +# Create a graph of internal dependencies in the given file (report RP0402 must +# not be disabled) +int-import-graph= + +# Force import order to recognize a module as part of the standard +# compatibility libraries. +known-standard-library= + +# Force import order to recognize a module as part of a third party library. +known-third-party=enchant + + +[EXCEPTIONS] + +# Exceptions that will emit a warning when being caught. Defaults to +# "Exception" +overgeneral-exceptions=Exception diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..74913d6 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,136 @@ +#!/usr/bin/env groovy + +/** + * Jenkinsfile + */ +pipeline { + agent{ label 'exec'} + options { + buildDiscarder( + // Only keep the 10 most recent builds + logRotator(numToKeepStr:'10')) + } + environment { + projectName = 'CvpRac' + emailTo = 'eosplus-dev@arista.com' + emailFrom = 'eosplus-dev+jenkins@arista.com' + } + + stages { + + stage ('Checkout') { + steps { + checkout scm + } + } + + stage ('Install_Requirements') { + steps { + sh """ + [[ -d venv ]] && rm -rf venv + virtualenv --python=python2.7 venv + source venv/bin/activate + pip install --upgrade pip + pip install -r requirements.txt + pip install -r dev-requirements.txt + pip install codecov + """ + // Stub dummy .cloudvision.yaml file + writeFile file: "test/fixtures/cvp_nodes.yaml", text: "---\n- node: 10.81.111.9\n username: cvpadmin\n password: cvp123\n" + } + } + + stage ('Check_style') { + steps { + sh """ + source venv/bin/activate + make clean + [[ -d report ]] || mkdir report + echo "exclude report" >> MANIFEST.in + echo "exclude htmlcov" >> MANIFEST.in + make check || true + make pep8 | tee report/pep8_report.txt + make pyflakes + make pylint | tee report/pylint.out || true + """ + step([$class: 'WarningsPublisher', + parserConfigurations: [[ + parserName: 'Pep8', + pattern: 'report/pep8_report.txt' + ], + [ + parserName: 'pylint', + pattern: 'report/pylint.out' + ]], + unstableTotalAll: '0', + usePreviousBuildAsReference: true + ]) + } + } + + stage ('System Test') { + steps { + sh """ + source venv/bin/activate + #make tests || true + nosetests --with-xunit --all-modules --traverse-namespace --with-coverage --cover-package=cvprac --cover-inclusive --cover-html test/system/* || true + """ + } + + post { + always { + junit keepLongStdio: true, testResults: 'nosetests.xml' + publishHTML target: [ + reportDir: 'cover', + reportFiles: 'index.html', + reportName: 'Coverage Report' + ] + } + } + } + + stage ('Docs') { + steps { + sh """ + source venv/bin/activate + PYTHONPATH=. pdoc --html --html-dir docs --overwrite cvprac + """ + } + + post { + always { + publishHTML target: [ + reportDir: 'docs/cvprac', + reportFiles: 'index.html', + reportName: 'Module Documentation' + ] + } + } + } + + stage ('Cleanup') { + steps { + sh 'rm -rf venv' + } + } + } + + post { + failure { + mail body: "${env.JOB_NAME} (${env.BUILD_NUMBER}) ${env.projectName} build error " + + "is here: ${env.BUILD_URL}\nStarted by ${env.BUILD_CAUSE}" , + from: env.emailFrom, + //replyTo: env.emailFrom, + subject: "${env.projectName} ${env.JOB_NAME} (${env.BUILD_NUMBER}) build failed", + to: env.emailTo + } + success { + mail body: "${env.JOB_NAME} (${env.BUILD_NUMBER}) ${env.projectName} build successful\n" + + "Started by ${env.BUILD_CAUSE}", + from: env.emailFrom, + //replyTo: env.emailFrom, + subject: "${env.projectName} ${env.JOB_NAME} (${env.BUILD_NUMBER}) build successful", + to: env.emailTo + } + } +} @@ -0,0 +1,32 @@ +======= +License +======= + +Copyright (c) 2017, Arista Networks EOS+ +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the {organization} nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + diff --git a/MANIFEST.in b/MANIFEST.in new file mode 100644 index 0000000..1942977 --- /dev/null +++ b/MANIFEST.in @@ -0,0 +1,22 @@ +include README.md +include Makefile +include *.spec +include *.txt +include LICENSE +include VERSION +include .pylintrc +recursive-include docs *.rst +recursive-include docs *.cfg +recursive-include docs *.csv +recursive-include docs *.md +recursive-include docs *.png +recursive-include docs *.py +recursive-include docs *.tok +recursive-include docs *.txt +recursive-include test *.py +recursive-include test *.yaml +recursive-include test *.swix +exclude Jenkinsfile +exclude pre-commit.sh +exclude report +exclude htmlcov diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..2c437d8 --- /dev/null +++ b/Makefile @@ -0,0 +1,86 @@ +#!/usr/bin/make +# WARN: gmake syntax +######################################################## +# Makefile for collector +# +# useful targets: +# make check -- manifest checks +# make clean -- clean up workspace +# make pep8 -- pep8 checks +# make pyflakes -- pyflakes checks +# make pylint -- source code checks +# make rpm -- build RPM package +# make sdist -- build python source distribution +# make systest -- runs the system tests +# make tests -- run all of the tests +# +######################################################## +# variable section + +NAME = "cvprac" + +PYTHON=python +COVERAGE=coverage +SITELIB = $(shell $(PYTHON) -c "from distutils.sysconfig import get_python_lib; print get_python_lib()") + +VERSION := $(shell awk '/__version__/{print $$NF}' cvprac/__init__.py | sed "s/'//g") + +RPMSPECDIR = . +RPMSPEC = $(RPMSPECDIR)/$(NAME).spec +RPMRELEASE = 1 +RPMNVR = "$(NAME)-$(VERSION)-$(RPMRELEASE)" + +PEP8_IGNORE = E302,E203,E261 +######################################################## + +all: clean check pep8 pyflakes pylint tests + +check: + check-manifest + +clean: + @echo "Cleaning up distutils stuff" + rm -rf rpmbuild build dist MANIFEST *.egg-info .coverage + @echo "Cleaning up byte compiled python stuff" + find . -type f -regex ".*\.py[co]$$" -delete + +coverage_report: + $(COVERAGE) report -m + +pep8: + -pep8 -r --max-line-length=120 --ignore=$(PEP8_IGNORE) cvprac/ + -pep8 -r --max-line-length=120 --ignore=$(PEP8_IGNORE),E402 test/ + +pyflakes: + pyflakes cvprac/ test/ + +pylint: + find ./cvprac ./test -name \*.py | xargs pylint --rcfile .pylintrc + +unittest: clean + $(COVERAGE) run --source $(NAME) -m unittest discover test/unit -v + +systest: clean + $(COVERAGE) run --source $(NAME) -m unittest discover test/system -v + +tests: unittest systest coverage_report + +rpmcommon: sdist + @mkdir -p rpmbuild + @cp dist/*.gz rpmbuild/ + @sed -e 's#^Version:.*#Version: $(VERSION)#' -e 's#^Release:.*#Release: $(RPMRELEASE)#' $(RPMSPEC) >rpmbuild/$(NAME).spec + +rpm: rpmcommon + @rpmbuild --define "_topdir %(pwd)/rpmbuild" \ + --define "_builddir %{_topdir}" \ + --define "_rpmdir %{_topdir}" \ + --define "_srcrpmdir %{_topdir}" \ + --define "_specdir $(RPMSPECDIR)" \ + --define "_sourcedir %{_topdir}" \ + --define "_rpmfilename %%{NAME}-%%{VERSION}-%%{RELEASE}.rpm" \ + --define "__python /usr/bin/python" \ + -ba rpmbuild/$(NAME).spec + @rm -f rpmbuild/$(NAME).spec + +sdist: clean + $(PYTHON) setup.py sdist diff --git a/README.md b/README.md new file mode 100644 index 0000000..bb71888 --- /dev/null +++ b/README.md @@ -0,0 +1,417 @@ +# Arista Cloudvision® Portal RESTful API Client + +[![pypi](https://img.shields.io/pypi/v/cvprac.svg)](https://pypi.python.org/pypi/cvprac) + +## Table of Contents + +1. [Overview](#overview) + - [Requirements](#requirements) +1. [Installation](#installation) + - [Development: Run from Source](#development-run-from-source) +1. [Getting Started](#getting-started) + - [Connecting](#connecting) + - [CVP On Premises](#cvp-on-premises) + - [CVaaS](#cvaas) + - [CVP Version Handling](#cvp-version-handling) + - [Examples](#examples) +1. [Notes For API Class Usage](#notes-for-api-class-usage) + - [Containers](#containers) +1. [Testing](#testing) +1. [Contact or Questions](#contact-or-questions) +1. [Contributing](#contributing) + - [Working With Git](#working-with-git) + - [Submitting Pull Requests](#submitting-pull-requests) + - [Pull Request Semantics](#pull-request-semantics) +1. [License](#license) + +## Overview + +This module provides a RESTful API client for Cloudvision® Portal (CVP) +which can be used for building applications that work with Arista CVP. + +When the class is instantiated the logging is configured. Either syslog, +file logging, both, or none can be enabled. If neither syslog nor +filename is specified then no logging will be performed. + +This class supports creating a connection to a CVP node and then issuing +subsequent GET and POST requests to CVP. A GET or POST request will be +automatically retried on the same node if the request receives a +requests.exceptions.Timeout or ReadTimeout error. A GET or POST request +will be automatically retried on the same node if the request receives a +CvpSessionLogOutError. For this case a login will be performed before +the request is retried. For either case, the maximum number of times a +request will be retried on the same node is specified by the class +attribute NUM\_RETRY\_REQUESTS. + +If more than one CVP node is specified when creating a connection, and a +GET or POST request that receives a requests.exceptions.ConnectionError, +requests.exceptions.HTTPError, or a requests.exceptions.TooManyRedirects +will be retried on the next CVP node in the list. If a GET or POST +request that receives a requests.exceptions.Timeout or +CvpSessionLogOutError and the retries on the same node exceed +NUM\_RETRY\_REQUESTS, then the request will be retried on the next node +on the list. + +If any of the errors persists across all nodes then the GET or POST +request will fail and the last error that occurred will be raised. + +The class provides connect, get, and post methods that allow the user to +make RESTful API calls to CVP. See the example below using the get +method. + +The class provides a wrapper function around the CVP RESTful API +operations. Each API method takes the RESTful API parameters as method +parameters to the operation method. The API class was added to the +client class because the API functions are required when using the CVP +RESTful API and placing them in this library avoids duplicating the +calls in every application that uses this class. See the examples below +using the API methods. + +### Requirements + +- Python 2.7 or later +- Python logging module +- Python requests module version 1.0.0 or later + +## Installation + +The source code for cvprac is provided on Github at +<https://github.com/aristanetworks/cvprac>. All current development is +done in the develop branch. Stable released versions are tagged in the +master branch and uploaded to <https://pypi.python.org>. + +If your platform has internet access you can use the Python Package +manager to install cvprac. + + admin:~ admin$ sudo pip install cvprac + +You can upgrade cvprac + + admin:~ admin$ sudo pip install --upgrade cvprac + +### Development: Run from Source + +We recommend running cvprac in a virtual environment. For more +information, read this: +<http://docs.python-guide.org/en/latest/dev/virtualenvs/> + +These instructions will help you install and run cvprac from source. +This is useful if you plan on contributing or if you would always like +to see the latest code in the develop branch. Note that these steps +require the pip and git commands. + +#### Step 1: Clone the cvprac Github repo + + # Go to a directory where you'd like to keep the source + admin:~ admin$ cd ~/projects + admin:~ admin$ git clone https://github.com/aristanetworks/cvprac + admin:~ admin$ cd cvprac + +#### Step 2: Check out the desired version or branch + + # Go to a directory where you'd like to keep the source + admin:~ admin$ cd ~/projects/cvprac + + # To see a list of available versions or branches + admin:~ admin$ git tag + admin:~ admin$ git branch + + # Checkout the desired version of code + admin:~ admin$ git checkout v1.0.3 + +#### Step 3: Install cvprac using Pip with -e switch + + # Go to a directory where you'd like to keep the source + admin:~ admin$ cd ~/projects/cvprac + + # Install + admin:~ admin$ sudo pip install -e ~/projects/cvprac + +#### Step 4: Install cvprac development requirements + + # Go to a directory where you'd like to keep the source + admin:~ admin$ pip install -r dev-requirements.txt + +## Getting Started + +Once the package has been installed you can run the following example to +verify that everything has been installed properly. + +### Connecting + +Connecting to CVP will depend on your CVP setup. Several options are +outlined below. + +### CVP On Premises + +CVP On Premises is for users with CVP running on a local server or +cluster of servers. This is the standard form of connection. Multiple +examples below demonstrate connecting to CVP On Premises setups. + +### CVaaS + +CVaaS is CloudVision as a Service. Users with CVaaS must use a REST API +token for accessing CVP with REST APIs. + +- In the case where users authenticate with CVP (CVaaS) using Oauth a +- REST API token is required to be generated and used for running REST +- APIs. In this case no username/password login is necessary, but the +- API token (via api\_token parameter) must be provided to cvprac client +- with the is\_cvaas parameter. In the case that the api\_token is used +- for REST APIs the username and password will be ignored and the tenant +- parameter is not needed. + +An example of a CVaaS connection is shown below. + +Note that the token parameter was previously cvaas\_token but this has +been converted to api\_token because tokens are also available for usage +with On Prem CVP deployments. The api\_token parameter name is more +generic in this sense. If you are using the cvaas\_token parameter +please convert to api\_token because the cvaas\_token parameter will be +deprecated in the future. + +### CVP Version Handling + +The CVP RESTful APIs often change between releases of CVP. Cvprac +attempts to mask these API changes from the user via making appropriate +API calls based on the CVP version while attempting to maintain return +data and not changing function names when possible. This helps maintain +backward compatibility for users when they upgrade CVP so that any +custom automation/scripts will continue to work. In some cases +maintaining return data requires additional API calls so there are cases +where this comes with the cost of a slight performance hit. Users are +free to access the clients get(), post() and delete() methods and make +API calls directly if they want to avoid the potential time delay of +some API functions. The current API version information handled by +cvprac is shown below. + +- Current latest API version is 4.0 API version is set to latest +- available version for CVaaS API version is set to 4.0 for 2020.1.1 and +- beyond. API version is set to 3.0 for 2019.0.0 through 2020.1.0 API +- version is set to 2.0 for 2018.2.X API version is set to 1.0 for +- 2018.1.X and prior + +### Examples + +Example using CVP On Prem client get method directly: + + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(['cvp1', 'cvp2', 'cvp3'], 'cvp_user', 'cvp_word') + >>> result = clnt.get('/cvpInfo/getCvpInfo.do') + >>> print result + {u'version': u'2016.1.0'} + >>> + +Same example as above using the API method: + + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(['cvp1', 'cvp2', 'cvp3'], 'cvp_user', 'cvp_word') + >>> result = clnt.api.get_cvp_info() + >>> print result + {u'version': u'2016.1.0'} + >>> + +Same example as above but connecting to CVaaS with a token: Note that +the username and password parameters are required by the connect +function but will be ignored when using api\_token: + + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(nodes=['cvaas'], username='', password='', is_cvaas=True, api_token='user token') + >>> result = clnt.api.get_cvp_info() + >>> print result + {u'version': u'cvaas'} + >>> + +Example using the API method to create a container, wait 5 seconds, then +delete the container. Before running this example manually create a +container named DC-1 on your CVP node. + + >>> import time + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(['cvp1'], 'cvp_user', 'cvp_word') + >>> parent = clnt.api.search_topology('DC-1') + >>> clnt.api.add_container('TORs', 'DC-1', parent['containerList'][0]['key']) + >>> child = clnt.api.search_topology('TORs') + >>> time.sleep(5) + >>> result = clnt.api.delete_container('TORs', child['containerList'][0]['key'], 'DC-1', parent['containerList'][0]['key']) + >>> + +## Notes for API Class Usage + +### Containers + +With the API the containers are added for all cases. If you add the +container to the original root container 'Tenant' then you have to do a +refresh from the GUI to see the container after it is added or deleted. +If the root container has been renamed or the parent container is not +the root container then an add or delete will update the GUI without +requiring a manual refresh. + +## Testing + +The cvprac module provides system tests. To run the system tests, you +will need to update the `cvp_nodes.yaml` file found in test/fixtures. + +Requirements for running the system tests: + +- Need one CVP node for test with a test user account. Create the same + account on the switch used for testing. The user account information + follows: + + username: CvpRacTest + password: AristaInnovates + + If switch does not have correct username and/or password then the tests that + execute tasks will fail with the following error: + + AssertionError: Execution for task id 220 failed and in the test log is the error: + + Failure response received from the netElement : ' Unauthorized User ' + +- Test has dedicated access to the CVP node. +- CVP node contains at least one device in a container. +- Container or device has at least one configlet applied. + +To run the system tests: + +- run `make tests` from the root of the cvprac source folder. + +## Contact or Questions + +Cvprac is developed by Arista EOS+ CS and supported by the Arista EOS+ +community. Support for the code is provided on a best effort basis by +the Arista EOS+ CS team and the community. You can contact the team that +develops these modules by sending an email to <eosplus-dev@arista.com>. + +For customers that are looking for a premium level of support, please +contact your local account team or email <eosplus@arista.com> for help. + +## Contributing + +Contributing pull requests are gladly welcomed for this repository. Not only contributing to the code but also we encourage the users to contribute in the form of examples, docs, tutorials, and user guides. + +Please note that all contributions that modify the library behavior +require corresponding test cases otherwise the pull request will be +rejected. + +### Working With Git + +It is recommended to fork the project and then start development on the forked repository's **develop** branch. This can achieved with the below steps: + +- [Fork](https://docs.github.com/en/get-started/quickstart/fork-a-repo) the repo then clone your fork, + and configure the remotes: + + # Clone your fork of the repo into the current directory + git clone https://github.com/<your-username>/cvprac + + # Navigate to the newly cloned directory + cd cvprac + + # Assign the original repo to a remote called "upstream" + git remote add upstream https://github.com/aristanetworks/cvprac.git + +- If you cloned a while ago, get the latest changes from upstream: + + # Work on the develop branch of the forked repo + git checkout develop + + # Pull the latest changes from the develop branch of aristanetworks cvprac + git pull upstream develop + +- Create a new topic branch (off the main project development branch) to + contain your feature, change, or fix: + + git checkout -b <topic-branch-name> + +- Commit your changes in logical chunks. Please adhere to these [git commit + message guidelines](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) + or your code is unlikely to be merged into the main project. Use Git's + [git rebase](https://docs.github.com/en/get-started/using-git/about-git-rebase) + feature to tidy up your commits before making them public. + +- Locally merge (or rebase) the upstream development branch into your topic branch every time before pushing it to your fork: + + # Here the <dev-branch> is develop + git pull [--rebase] upstream <dev-branch> + +- Push your topic branch up to your fork: + + git push origin <topic-branch-name> + +- [Open a Pull Request](https://github.com/aristanetworks/cvprac/pulls) + with a clear title, description and explain how to test the feature. + +### Submitting Pull Requests + +- It is recommended to open an issue before starting work on a pull request to make sure if the same issue is not reported previously and someone is already working on that. When suggesting a new feature, also make sure it won't conflict with any work that's already in progress. + +- Once the issue is opened either self-assign the issue or ask the maintainer to assign it for you. This will make sure no others are working on the same issue. + +- All new functionality must include relevant tests where applicable. + +- When submitting a pull request, please be sure to work off of the **develop** branch and not from other branches. The **develop** branch is used for ongoing development, while the **master** will hold the last stable version. + +- To automate release-notes creation and make filtering process easier, it is strongly recommended to use [conventional commit](https://www.conventionalcommits.org/en/v1.0.0/#summary) syntax at least for Pull Request (PR) title. + +- All code submissions must follow the below criteria: + + - The issue/PR title should follow the semantic as described [here](#pull-request-semantics) + - All the tests are updated and are passed successfully + - Python syntax is valid + +### Pull Request Semantics + +The Pull Request title should start with one of the below to easily segregate if its a feature add or a bug or something related documentation etc. + +It is strongly recommended to use one from the below: + +- ```Feat```: Create a capability e.g. feature, test, dependency +- ```Fix```: Fix an issue e.g. bug, typo, accident, misstatement +- ```Doc```: Refactor of documentation, e.g. help files +- ```Example```: Add a new example or modify an [existing one](docs/labs/) +- ```Test```: Add or refactor anything regarding test, e.g add a new testCases or missing testCases +- ```Refactor```: A code change that MUST be just a refactoring +- ```Bump```: Increase the version of something e.g. dependency +- ```Revert```: Change back to the previous commit +- ```Optimize```: Refactor of performance, e.g. speed up code +- ```CI```: Update CI components, e.g. molecule files or Github Actions +- ```Cut```: Remove a capability e.g. feature, test, dependency + +For example: + +- Feat: Add support for decommissioning APIs +- Test: Add missing test cases for change control +- Doc: Document new examples for change control + +## License + +Copyright© 2020, Arista Networks, Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +- Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +- Neither the name of Arista Networks nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS +IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +THE POSSIBILITY OF SUCH DAMAGE. @@ -0,0 +1 @@ +1.3.1 diff --git a/cvprac.spec b/cvprac.spec new file mode 100644 index 0000000..2d8ce3e --- /dev/null +++ b/cvprac.spec @@ -0,0 +1,37 @@ +Name: cvprac +Version: Replaced_by_make +Release: 1%{?dist} +Summary: REST API client for communicating with an Arista Cloudvision(R) Portal node. + +Group: Development/Libraries +License: BSD (3-clause) +URL: http://www.arista.com +Source0: %{name}-%{version}.tar.gz +BuildArch: noarch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +%description +The cvprac package is part of the devops library for EOS developed by Arista. The cvprac provides a python REST API client for communicating with an Arista Cloudvision(R) Portal node. + +%prep +%setup -q + +%build +%{__python} setup.py build + +%install +rm -rf %{buildroot} +%{__python} setup.py install --skip-build --root $RPM_BUILD_ROOT + +%clean +rm -rf $RPM_BUILD_ROOT + +%postun + +%files +%defattr(-,root,root,-) +%{python_sitelib}/cvprac* + +%changelog +* Thu Apr 19 2016 John Corbin +-- Initial Build. diff --git a/cvprac/__init__.py b/cvprac/__init__.py new file mode 100644 index 0000000..33ab12d --- /dev/null +++ b/cvprac/__init__.py @@ -0,0 +1,36 @@ +# +# Copyright (c) 2017, Arista Networks, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# Neither the name of Arista Networks nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +''' RESTful API Client class for Cloudvision(R) Portal +''' + +__version__ = '1.3.1' +__author__ = 'Arista Networks, Inc.' diff --git a/cvprac/cvp_api.py b/cvprac/cvp_api.py new file mode 100644 index 0000000..dc3fda1 --- /dev/null +++ b/cvprac/cvp_api.py @@ -0,0 +1,4100 @@ +# +# Copyright (c) 2017, Arista Networks, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# Neither the name of Arista Networks nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +''' Class containing calls to CVP RESTful API. +''' +import operator +import os +import time +# This import is for proper file IO handling support for both Python 2 and 3 +# pylint: disable=redefined-builtin +from io import open +from datetime import datetime +from re import split + +from cvprac.cvp_client_errors import CvpApiError + +try: + from urllib import quote_plus as qplus +except (AttributeError, ImportError): + from urllib.parse import quote_plus as qplus + +OPERATOR_DICT = { + '>': operator.gt, + '<': operator.lt, + '>=': operator.ge, + '<=': operator.le, + '==': operator.eq +} + + +class CvpApi(object): + ''' CvpApi class contains calls to CVP RESTful API. The RESTful API + parameters are passed in as parameters to the method. The results of + the RESTful API call are converted from json to a dict and returned. + Where needed minimal processing is performed on the results. + Any method that does a cvprac get or post call could raise the + following errors: + + ConnectionError: A ConnectionError is raised if there was a network + problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request is not + properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + reponse from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request exceeds + the configured number of maximum redirections + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get or post request + failed and no session could be established to a CVP node. Destroy + the class and re-instantiate. + ''' + # pylint: disable=too-many-public-methods + # pylint: disable=too-many-lines + + def __init__(self, clnt, request_timeout=30): + ''' Initialize the class. + + Args: + clnt (obj): A CvpClient object + ''' + self.clnt = clnt + self.log = clnt.log + self.request_timeout = request_timeout + + def cvp_version_compare(self, opr, version, msg): + ''' Check provided version with given operator against the current CVP + version + + Args: + opr (string): The operator. Valid operators are: + > - Greater Than + < - Less Than + >= - Greater Than or Equal To + <= - Less Than or Equal To + == - Equal To + version (float): The float API Version number to compare the + running CVP version to. + ''' + if opr not in OPERATOR_DICT: + self.log.error('%s is an invalid operation for version comparison' + % opr) + return False + + # Since CVaaS is automatically the latest version of the API, if + # operators > or >= are provided we can quickly check if we are running + # on CVaaS and return True if found. + if opr in ['>', '>='] and self.clnt.is_cvaas: + return True + + if self.clnt.apiversion is None: + self.get_cvp_info() + + # Example: if a version of 6.0 is provided with greater than or equal + # operator (>=) we are validating that the running CVP version is + # greater than or equal to API Version 6.0. + # Hence -- self.clnt.apiversion >= 6.0 + if not OPERATOR_DICT[opr](self.clnt.apiversion, version): + self.log.warning(msg) + return False + return True + + def get_cvp_info(self): + ''' Returns information about CVP. + + Returns: + cvp_info (dict): CVP Information + ''' + if not self.clnt.is_cvaas: + data = self.clnt.get('/cvpInfo/getCvpInfo.do', + timeout=self.request_timeout) + else: + # For CVaaS do not run the getCvpInfo REST API and assume the + # latest version of the API + data = {'version': 'cvaas'} + if 'version' in data and self.clnt.apiversion is None: + self.clnt.set_version(data['version']) + return data + + # pylint: disable=too-many-arguments + def add_user(self, username, password, role, status, first_name, + last_name, email, user_type): + ''' Add new local user to the CVP UI. + + Args: + username (str): local username on CVP + password (str): password of the user + role (str): role of the user + status (str): state of the user (Enabled/Disabled) + first_name (str): first name of the user + last_name (str): last name of the user + email (str): email address of the user + user_type (str): type of AAA (Local/TACACS/RADIUS) + ''' + if status not in ['Enabled', 'Disabled']: + self.log.error('Invalid status %s.' + ' Status must be Enabled or Disabled.' + ' Defaulting to Disabled' % status) + status = 'Disabled' + data = {"roles": [role], + "user": {"contactNumber": "", + "email": email, + "firstName": first_name, + "lastName": last_name, + "password": password, + "userId": username, + "userStatus": status, + "userType": user_type}} + return self.clnt.post('/user/addUser.do', data=data, + timeout=self.request_timeout) + + def update_user(self, username, password, role, status, first_name, + last_name, email, user_type): + ''' Updates username information, like + changing password, user role, email address, names, + disable/enable the username. + + Args: + username (str): local username on CVP + password (str): password of the user + role (str): role of the user + status (str): state of the user (Enabled/Disabled) + first_name (str): first name of the user + last_name (str): last name of the user + email (str): email address of the user + user_type (str): type of AAA (Local/TACACS/RADIUS) + ''' + if status not in ['Enabled', 'Disabled']: + self.log.error('Invalid status %s.' + ' Status must be Enabled or Disabled.' + ' Defaulting to Disabled' % status) + status = 'Disabled' + data = {"roles": [role], + "user": {"contactNumber": "", + "email": email, + "firstName": first_name, + "lastName": last_name, + "password": password, + "userId": username, + "userStatus": status, + "userType": user_type}} + return self.clnt.post('/user/updateUser.do?userId={}'.format(username), + data=data, timeout=self.request_timeout) + + def get_user(self, username): + ''' Returns specified user information + + Args: + username (str): username on CVP + ''' + return self.clnt.get('/user/getUser.do?userId={}'.format(username), + timeout=self.request_timeout) + + def get_users(self, query='', start=0, end=0): + ''' Returns all users in CVP filtered by an optional query parameter + + Args: + query (str): Query parameter to filter users by. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + response (dict): A dict that contains the users. + {'total': 1, + 'roles': {'cvpadmin': ['network-admin']}, + 'users': [{'userId': 'cvpadmin', + 'firstName': '', + 'lastName': '', + 'description': '', + 'email': 'cvprac@cvprac.com', + 'lastAccessed': 1654555139700, + 'contactNumber': '', + 'userType': 'Local', + 'userStatus': 'Enabled', + 'currentStatus': 'Online', + 'addedByUser': 'cvp system'}]} + ''' + self.log.debug('get_users: query: %s' % query) + return self.clnt.get('/user/getUsers.do?' + 'queryparam=%s&startIndex=%d&endIndex=%d' % + (qplus(query), start, end), + timeout=self.request_timeout) + + def delete_user(self, username): + ''' Remove specified user from CVP + + Args: + username (str): username on CVP + ''' + data = [username] + return self.clnt.post('/user/deleteUsers.do', data=data, + timeout=self.request_timeout) + + def get_task_by_id(self, task_id): + ''' Returns the current CVP Task status for the task with the specified + TaskId. + + Args: + task_id (int): CVP task identifier + + Returns: + task (dict): The CVP task for the associated Id. Returns None + if the task_id was invalid. + ''' + self.log.debug('get_task_by_id: task_id: %s' % task_id) + try: + task = self.clnt.get('/task/getTaskById.do?taskId=%s' % task_id, + timeout=self.request_timeout) + except CvpApiError as error: + self.log.debug('Caught error: %s attempting to get task.' % error) + # Catch an invalid task_id error and return None + return None + return task + + def get_tasks_by_status(self, status, start=0, end=0): + ''' Returns a list of tasks with the given status. + + Args: + status (str): Task status + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + tasks (list): The list of tasks + ''' + self.log.debug('get_tasks_by_status: status: %s' % status) + data = self.clnt.get( + '/task/getTasks.do?queryparam=%s&startIndex=%d&endIndex=%d' % + (status, start, end), timeout=self.request_timeout) + return data['data'] + + def get_tasks(self, start=0, end=0): + ''' Returns a list of all the tasks. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + tasks (dict): The 'total' key contains the number of tasks, + the 'data' key contains a list of the tasks. + ''' + self.log.debug('get_tasks:') + return self.clnt.get('/task/getTasks.do?queryparam=&startIndex=%d&' + 'endIndex=%d' % (start, end), + timeout=self.request_timeout) + + def get_logs_by_id(self, task_id, start=0, end=0): + ''' Returns the log entries for the task with the specified TaskId. + + Args: + task_id (int): CVP task identifier + start (int): The first log entry to return. Default is 0. + end (int): The last log entry to return. Default is 0 which + means to return all log entries. Can be a large number to + indicate the last log entry. + + Returns: + task (dict): The CVP log for the associated Id. Returns None + if the task_id was invalid. + ''' + self.log.debug('get_logs_by_id: task_id: %s' % task_id) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 5.0: + self.log.debug('v1 - v4 /task/getLogsByID.do?') + resp = self.clnt.get('/task/getLogsById.do?id=%s&queryparam=' + '&startIndex=%d&endIndex=%d' % + (task_id, start, end), + timeout=self.request_timeout) + else: + self.log.debug('v5 /audit/getLogs.do') + task_info = self.get_task_by_id(task_id) + stage_id = None + if 'stageId' in task_info: + stage_id = task_info['stageId'] + else: + self.log.debug('No stage ID found for task %s' % task_id) + if 'ccIdV2' in task_info: + cc_id = task_info['ccIdV2'] + if cc_id == '': + self.log.debug('No ccIdV2 for task %s.' + ' It was likely cancelled.' + ' Using old /task/getLogsByID.do?' + % task_id) + resp = self.clnt.get( + '/task/getLogsById.do?id=%s&queryparam=' + '&startIndex=%d&endIndex=%d' % (task_id, start, end), + timeout=self.request_timeout) + else: + resp = self.get_audit_logs_by_id(cc_id, stage_id) + else: + self.log.debug('No change ID found for task %s' % task_id) + resp = None + return resp + + def get_audit_logs_by_id(self, cc_id, stage_id=None, data_size=75): + ''' Returns the audit logs of a particular ChangeControl. + + Args: + cc_id (string): change control ID from ccIdV2 field + stage_id (string): stage ID from stageId field + data_size (int): data size + + Returns: + task (dict): The CVP log for the associated ccIdV2 + ''' + data = {"category": "ChangeControl", + "startTime": 0, + "endTime": 0, + "dataSize": data_size, + "objectKey": cc_id, + "lastRetrievedAudit": {}} + if stage_id: + data["tags"] = {"stageId": stage_id} + return self.clnt.post('/cvpservice/audit/getLogs.do?', data=data, + timeout=self.request_timeout) + + def add_note_to_task(self, task_id, note): + ''' Add notes to the task. + + Args: + task_id (str): Task ID + note (str): Note to add to the task + ''' + self.log.debug('add_note_to_task: task_id: %s note: %s' % + (task_id, note)) + data = {'workOrderId': task_id, 'note': note} + self.clnt.post('/task/addNoteToTask.do', data=data, + timeout=self.request_timeout) + + def execute_task(self, task_id): + ''' Execute the task. Note that if the task has failed then inspect + the task logs to determine why the task failed. If you see: + + Failure response received from the netElement: Unauthorized User + + then it means that the netelement does not have the same user ID + and/or password as the CVP user executing the task. + + Args: + task_id (str): Task ID + ''' + self.log.debug('execute_task: task_id: %s' % task_id) + data = {'data': [task_id]} + self.clnt.post('/task/executeTask.do', data=data, + timeout=self.request_timeout) + + def cancel_task(self, task_id): + ''' Cancel the task + + Args: + task_id (str): Task ID + ''' + self.log.debug('cancel_task: task_id: %s' % task_id) + data = {'data': [task_id]} + return self.clnt.post('/task/cancelTask.do', data=data, + timeout=self.request_timeout) + + def get_configlets(self, start=0, end=0): + ''' Returns a list of all defined configlets. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + if self.clnt.apiversion is None: + self.get_cvp_info() + configlets = self.clnt.get('/configlet/getConfiglets.do?' + 'startIndex=%d&endIndex=%d' % (start, end), + timeout=self.request_timeout) + if self.clnt.apiversion == 1.0 or self.clnt.apiversion >= 4.0: + self.log.debug('v1/v4+ Inventory API Call') + return configlets + else: + self.log.debug('v2 Inventory API Call') + # New API getConfiglets does not return the actual configlet config + # Get the actual configlet config using getConfigletByName + if 'data' in configlets: + for configlet in configlets['data']: + full_cfglt_data = self.get_configlet_by_name( + configlet['name']) + configlet['config'] = full_cfglt_data['config'] + return configlets + + def get_configlets_and_mappers(self): + ''' Returns a list of all defined configlets and associated mappers + ''' + self.log.debug( + 'get_configlets_and_mappers: getConfigletsAndAssociatedMappers') + return self.clnt.get('/configlet/getConfigletsAndAssociatedMappers.do') + + def get_configlet_builder(self, c_id): + ''' Returns the configlet builder data for the given configlet ID. + + Args: + c_id (str): The ID (key) for the configlet to be queried. + ''' + return self.clnt.get('/configlet/getConfigletBuilder.do?id=%s' + % c_id, timeout=self.request_timeout) + + def search_configlets(self, query, start=0, end=0): + ''' Returns a list of configlets that match a search query. + + Args: + query (str): A simple string of text to be matched against + the existing configlets. Not a regex. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + self.log.debug('search_configlets: query: %s' % query) + return self.clnt.get('/configlet/searchConfiglets.do?' + 'queryparam=%s&startIndex=%d&endIndex=%d' % + (qplus(query), start, end), + timeout=self.request_timeout) + + def get_configlet_by_name(self, name): + ''' Returns the configlet with the specified name + + Args: + name (str): Name of the configlet. Can contain spaces. + + Returns: + configlet (dict): The configlet dict. + ''' + self.log.debug('get_configlets_by_name: name: %s' % name) + return self.clnt.get('/configlet/getConfigletByName.do?name=%s' + % qplus(name), timeout=self.request_timeout) + + def get_configlets_by_container_id(self, c_id, start=0, end=0): + ''' Returns a list of configlets applied to the given container. + + Args: + c_id (str): The container ID (key) to query. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + return self.clnt.get('/provisioning/getConfigletsByContainerId.do?' + 'containerId=%s&startIndex=%d&endIndex=%d' + % (c_id, start, end), + timeout=self.request_timeout) + + def get_configlets_by_netelement_id(self, d_id, start=0, end=0): + ''' Returns a list of configlets applied to the given device. + + Args: + d_id (str): The device ID (key) to query. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + return self.clnt.get('/provisioning/getConfigletsByNetElementId.do?' + 'netElementId=%s&startIndex=%d&endIndex=%d' + % (d_id, start, end), + timeout=self.request_timeout) + + def get_image_bundle_by_container_id(self, container_id, start=0, end=0, + scope='false'): + ''' Returns a list of ImageBundles applied to the given container. + Args: + container_id (str): The container ID (key) to query. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + scope (string) the session scope (true or false). + ''' + if scope != 'true' and scope != 'false': + self.log.error('scope value must be true or false.' + ' %s is an invalid value.' + ' Defaulting back to false' % scope) + scope = 'false' + return self.clnt.get('/provisioning/getImageBundleByContainerId.do?' + 'containerId=%s&startIndex=%d&endIndex=%d' + '&sessionScope=%s' + % (container_id, start, end, scope), + timeout=self.request_timeout) + + def get_configlet_history(self, key, start=0, end=0): + ''' Returns the configlet history. + + Args: + key (str): Key for the configlet. + start (int): The first configlet entry to return. Default is 0 + end (int): The last configlet entry to return. Default is 0 + which means to return all configlet entries. Can be a + large number to indicate the last configlet entry. + + Returns: + history (dict): The configlet dict with the changes from + most recent to oldest. + ''' + self.log.debug('get_configlets_history: key: %s' % key) + return self.clnt.get('/configlet/getConfigletHistory.do?configletId=' + '%s&queryparam=&startIndex=%d&endIndex=%d' % + (key, start, end), timeout=self.request_timeout) + + def get_inventory(self, start=0, end=0, query=''): + ''' Returns the a dict of the net elements known to CVP. + + Args: + start (int): The first inventory entry to return. Default is 0 + end (int): The last inventory entry to return. Default is 0 + which means to return all inventory entries. Can be a + large number to indicate the last inventory entry. + query (string): A value that can be used as a match to filter + returned inventory list. For example get all switches that + are running a specific version of EOS. + ''' + self.log.debug('get_inventory: called') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + data = self.clnt.get('/inventory/getInventory.do?' + 'queryparam=%s&startIndex=%d&endIndex=%d' % + (qplus(query), start, end), + timeout=self.request_timeout) + return data['netElementList'] + self.log.debug('v2 Inventory API Call') + data = self.clnt.get('/inventory/devices?provisioned=true', + timeout=self.request_timeout) + containers = self.get_containers() + for dev in data: + dev['key'] = dev['systemMacAddress'] + dev['deviceInfo'] = dev['deviceStatus'] = dev['status'] + dev['isMLAGEnabled'] = dev['mlagEnabled'] + dev['isDANZEnabled'] = dev['danzEnabled'] + dev['parentContainerId'] = dev['parentContainerKey'] + dev['bootupTimeStamp'] = dev['bootupTimestamp'] + dev['internalBuildId'] = dev['internalBuild'] + if 'taskIdList' not in dev: + dev['taskIdList'] = [] + if 'tempAction' not in dev: + dev['tempAction'] = None + dev['memTotal'] = 0 + dev['memFree'] = 0 + dev['sslConfigAvailable'] = False + dev['sslEnabledByCVP'] = False + dev['lastSyncUp'] = 0 + dev['type'] = 'netelement' + dev['dcaKey'] = None + container_found = False + for container in containers['data']: + if dev['parentContainerKey'] == container['key']: + dev['containerName'] = container['name'] + container_found = True + if not container_found: + dev['containerName'] = '' + return data + + def add_devices_to_inventory(self, device_list, wait=False): + ''' Add a list of devices to the specified parent container. + + Args: + device_list (list): A list of devices to be added in the + form of dictionaries. Each device dictionary should + contain the following information: + - device_ip (str): ip address of device we are adding + - parent_name (str): Parent container name + - parent_key (str): Parent container key + wait (boolean): Specifies whether to allow a wait time for + devices to appear in inventory before moving them to + the specified container. Applies to v2 API only. + + Example device list: + device_list = [ + { + device_ip: '10.10.10.1', + parent_name: 'Tenant', + parent_key: 'root' + }, + { + device_ip: '10.10.10.2', + parent_name: 'MyContainer', + parent_key: 'container-id-1234' + } + ] + ''' + + self.log.debug('add_device_to_inventory: called') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + data_list = [] + for device in device_list: + dev_data = { + 'containerName': device['parent_name'], + 'containerId': device['parent_key'], + 'containerType': 'Existing', + 'ipAddress': device['device_ip'], + 'containerList': [] + } + data_list.append(dev_data) + data = {'data': data_list} + self.clnt.post('/inventory/add/addToInventory.do?' + 'startIndex=0&endIndex=0', data=data, + timeout=self.request_timeout) + else: + self.log.debug('v2 Inventory API Call') + + # Create a list of device IPs + device_ips = [dev['device_ip'] for dev in device_list] + + # First add the devices to the inventory in a single call + data = {'hosts': device_ips} + self.clnt.post('/inventory/devices', data=data, + timeout=self.request_timeout) + + # Get the inventory list + inv = self.get_inventory() + + if wait: + # With v2, the devices can take a few moments to appear + # We need them present before we can move them to a container + timeout = time.time() + 600 + while device_ips and time.time() < timeout: + inv_devices = [dev['ipAddress'] for dev in inv] + device_ips = list(set(device_ips) - set(inv_devices)) + if device_ips: + time.sleep(2) + inv = self.get_inventory() + + if device_ips: + # If any devices did not appear, there is a problem + # Join the missing IPs into a string for output + missing_ips = ', '.join(device_ips) + raise RuntimeError('Devices {} failed to appear ' + 'in inventory'.format(missing_ips)) + + # Move the devices to their specified containers + for device in device_list: + devs = [dev for dev in inv if 'ipAddress' in dev and + device['device_ip'] in dev['ipAddress']] + dev = devs[0] + container = {'key': device['parent_key'], + 'name': device['parent_name']} + self.move_device_to_container('add_device_to_inventory API v2', + dev, container, False) + + def add_device_to_inventory(self, device_ip, parent_name, + parent_key, wait=False): + ''' Add the device to the specified parent container. + + Args: + device_ip (str): ip address of device we are adding + parent_name (str): Parent container name + parent_key (str): Parent container key + ''' + # Put parameters into a dictionary and call add_devices_to_inventory + device = { + 'device_ip': device_ip, + 'parent_name': parent_name, + 'parent_key': parent_key + } + self.add_devices_to_inventory([device], wait=wait) + + def retry_add_to_inventory(self, device_mac, device_ip, username, + password): + '''Retry addition of device to Cvp inventory + + Args: + device_mac (str): MAC address of device + device_ip (str): ip address assigned to device + username (str): username for device login + password (str): password for user + ''' + self.log.debug('retry_add_to_inventory: called') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + data = {"key": device_mac, + "ipAddress": device_ip, + "userName": username, + "password": password} + self.clnt.post('/inventory/add/retryAddDeviceToInventory.do?' + 'startIndex=0&endIndex=0', + data=data, + timeout=self.request_timeout) + else: + self.log.debug('v2 Inventory API Call') + self.log.warning( + 'retry_add_to_inventory: not implemented for v2 APIs') + + def delete_device(self, device_mac): + '''Delete the device and its pending tasks from Cvp inventory + + Args: + device_mac (str): mac address of device we are deleting + For CVP 2020 this param is now required to + be the device serial number instead of MAC + address. This method will handle getting + the device serial number via the provided + MAC address. + Returns: + data (dict): Contains success or failure message + ''' + self.log.debug('delete_device: called') + return self.delete_devices([device_mac]) + + def delete_devices(self, device_macs): + '''Delete the device and its pending tasks from Cvp inventory + + Args: + device_macs (list): list of mac address for + devices we're deleting + For CVP 2020 this param is now required to + be a list of device serial numbers instead + of MAC addresses. This method will handle + getting the device serial number via the + provided MAC address. + Returns: + data (dict): Contains success or failure message + ''' + self.log.debug('delete_devices: called') + resp = None + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 4.0: + data = {'data': device_macs} + resp = self.clnt.post('/inventory/deleteDevices.do?', data=data, + timeout=self.request_timeout) + else: + self.log.warning('NOTE: The Delete Devices API has updated for' + ' CVP 2020.2 and it is not required to send the' + ' device serial number instead of mac address' + ' when deleting a device. Looking up each devices' + 'serial num based on provided MAC addresses') + devices = [] + for dev_mac in device_macs: + device_info = self.get_device_by_mac(dev_mac) + if device_info is not None and 'serialNumber' in device_info: + devices.append(device_info) + resp = self.delete_devices_by_serial(devices) + return resp + + def delete_devices_by_serial(self, devices): + '''Delete the device and its pending tasks from Cvp inventory + + Args: + devices (list): list of device objects to be deleted + + Returns: + data (dict): Contains success or failure message + ''' + device_serials = [] + for device in devices: + device_serials.append(device['serialNumber']) + data = {'data': device_serials} + resp = self.clnt.delete('/inventory/devices', data=data, + timeout=self.request_timeout) + return resp + + def get_non_connected_device_count(self): + '''Returns number of devices not accessible/connected in the temporary + inventory. + + Returns: + data (int): Number of temporary inventory devices not + accessible/connected + ''' + self.log.debug('get_non_connected_device_count: called') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + data = self.clnt.get( + '/inventory/add/getNonConnectedDeviceCount.do', + timeout=self.request_timeout) + return data['data'] + self.log.debug('v2 Inventory API Call') + data = self.clnt.get('/inventory/devices?provisioned=false', + timeout=self.request_timeout) + unprovisioned_devs = 0 + for dev in data: + if 'status' in dev and dev['status'] == '': + unprovisioned_devs += 1 + return unprovisioned_devs + + def save_inventory(self): + '''Saves Cvp inventory state + ''' + self.log.debug('save_inventory: called') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + return self.clnt.post('/inventory/add/saveInventory.do', + timeout=self.request_timeout) + self.log.debug('v2 Inventory API Call') + message = 'Save Inventory not implemented/necessary for' +\ + ' CVP 2018.2 and beyond' + data = {'data': 0, 'message': message} + return data + + def get_devices_in_container(self, name): + ''' Returns a dict of the devices under the named container. + + Args: + name (str): The name of the container to get devices from + ''' + self.log.debug('get_devices_in_container: called') + devices = [] + container = self.get_container_by_name(name) + if container: + all_devices = self.get_inventory(0, 0, name) + for device in all_devices: + if device['parentContainerId'] == container['key']: + devices.append(device) + return devices + + def get_device_by_name(self, fqdn, search_by_hostname=False): + ''' Returns the net element device dict for the devices fqdn name. + + Args: + fqdn (str): Fully qualified domain name or hostname of the + device. + search_by_hostname (boolean): if set True will attempt to split + the fqdn string to match on the hostname portion + specifically which should be the first component + + Returns: + device (dict): The net element device dict for the device if + otherwise returns an empty hash. + ''' + self.log.debug('get_device_by_name: fqdn: %s' % fqdn) + # data = self.get_inventory(start=0, end=0, query=fqdn) + data = self.search_topology(fqdn) + device = {} + if 'netElementList' in data: + for netelem in data['netElementList']: + if not search_by_hostname: + if netelem['fqdn'] == fqdn: + device = netelem + break + else: + if netelem['fqdn'].split('.')[0] == fqdn: + device = netelem + break + return device + + def get_device_by_mac(self, device_mac): + ''' Returns the net element device dict for the devices mac address. + + Args: + device_mac (str): MAC Address of the device. + + Returns: + device (dict): The net element device dict for the device if + otherwise returns an empty hash. + ''' + self.log.debug('get_device_by_mac: MAC address: %s' % device_mac) + # data = self.get_inventory(start=0, end=0, query=device_mac) + data = self.search_topology(device_mac) + device = {} + if 'netElementList' in data: + for netelem in data['netElementList']: + if netelem['systemMacAddress'] == device_mac: + device = netelem + break + return device + + def get_device_by_serial(self, device_serial): + ''' Returns the net element device dict for the devices serial number. + + Args: + device_serial (str): Serial number of the device. + + Returns: + device (dict): The net element device dict for the device if + otherwise returns an empty hash. + ''' + self.log.debug('get_device_by_serial: Serial Number: %s' + % device_serial) + data = self.search_topology(device_serial) + device = {} + if 'netElementList' in data: + for netelem in data['netElementList']: + if netelem['serialNumber'] == device_serial: + device = netelem + break + return device + + def get_device_configuration(self, device_mac): + ''' Returns the running configuration for the device provided. + + Args: + device_mac (str): Mac address of the device to get the running + configuration for. + + Returns: + device (dict): The net element device dict for the device if + otherwise returns an empty hash. + ''' + self.log.debug('get_device_configuration: device_mac: %s' % device_mac) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 4.0: + data = self.clnt.get('/inventory/getInventoryConfiguration.do?' + 'netElementId=%s' % device_mac, + timeout=self.request_timeout) + else: + data = self.clnt.get('/inventory/device/config?' + 'netElementId=%s' % device_mac, + timeout=self.request_timeout) + running_config = '' + if 'output' in data: + running_config = data['output'] + return running_config + + def get_device_image_info(self, device_mac): + ''' Return a dict of info about a device in CVP. + + Args: + device_mac (str): Mac address of the device to get the running + configuration for. + + Returns: + device_image_info (dict): Dict of image info for the device + if found. Otherwise returns None. + ''' + self.log.debug('Attempt to get net element data for %s' % device_mac) + try: + device_image_info = self.clnt.get( + '/provisioning/getNetElementInfoById.do?netElementId=%s' + % qplus(device_mac), timeout=self.request_timeout) + except CvpApiError as error: + # Catch error when device for provided MAC is not found + if 'Invalid Netelement id' in str(error): + self.log.debug('Device with MAC %s not found' % device_mac) + return None + raise error + return device_image_info + + def get_containers(self, start=0, end=0): + ''' Returns a list of all the containers. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + containers (dict): The 'total' key contains the number of + containers, the 'data' key contains a list of the containers + with associated info. + ''' + self.log.debug('Get list of containers') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + return self.clnt.get('/inventory/add/searchContainers.do?' + 'startIndex=%d&endIndex=%d' % (start, end)) + self.log.debug('v2 Inventory API Call') + containers = self.clnt.get('/inventory/containers') + for container in containers: + container['name'] = container['Name'] + container['key'] = container['Key'] + full_cont_info = self.get_container_by_id( + container['Key']) + if (full_cont_info is not None and + container['Key'] != 'root'): + container['parentName'] = full_cont_info['parentName'] + for cont in containers: + if cont['Name'] == full_cont_info['parentName']: + container['parentId'] = cont['Key'] + break + else: + self.log.debug( + 'No container parentId found for parentName %s', + full_cont_info['parentName']) + container['parentId'] = None + else: + container['parentName'] = None + container['parentId'] = None + container['type'] = None + container['id'] = 21 + container['factoryId'] = 1 + container['userId'] = None + container['childContainerId'] = None + return {'data': containers, 'total': len(containers)} + + def get_container_by_name(self, name): + ''' Returns a container that exactly matches the name. + + Args: + name (str): String to search for in container names. + + Returns: + container (dict): Container info in dictionary format or None + ''' + self.log.debug('Get info for container %s' % name) + conts = self.clnt.get('/provisioning/searchTopology.do?queryParam=%s' + '&startIndex=0&endIndex=0' % qplus(name)) + if conts['total'] > 0 and conts['containerList']: + for cont in conts['containerList']: + if cont['name'] == name: + return cont + return None + + def get_container_by_id(self, key): + ''' Returns a container for the given id. + + Args: + key (str): String ID for container to find. + + Returns: + container (dict): Container info in dictionary format or None + ''' + self.log.debug('Get info for container %s' % key) + return self.clnt.get('/provisioning/getContainerInfoById.do?' + 'containerId=%s' % qplus(key)) + + def get_configlets_by_device_id(self, mac, start=0, end=0): + ''' Returns the list of configlets applied to a device. + + Args: + mac (str): Device mac address (i.e. device id) + start (int): The first configlet entry to return. Default is 0 + end (int): The last configlet entry to return. Default is 0 + which means to return all configlet entries. Can be a + large number to indicate the last configlet entry. + + Returns: + configlets (list): The list of configlets applied to the device + ''' + self.log.debug('get_configlets_by_device: mac: %s' % mac) + data = self.get_configlets_by_netelement_id(mac, start, end) + return data['configletList'] + + def add_configlet_builder(self, name, config, draft=False, form=None): + ''' Add a confilget builder and return the key for the configlet builder. + + Args: + name (str): Configlet builder name + config (str): Python configlet builder code + draft (bool): If builder is a draft + form (list): Array/list of form data + Parameters: + fieldId (str): "", + fieldLabel (str): "", + value (str): "", + type (str): "", (Options below) + ('Text box', + 'Text area', + 'Drop down', + 'Check box', + 'Radio button', + 'IP address', + 'Password') + validation: { + mandatory (boolean): true, + }, + helpText (str): "", + depends (str): "", + dataValidationErrorExist (boolean): true, + dataValidation (string): "" + + Returns: + key (str): The key for the configlet + ''' + if not form: + form = [] + + self.log.debug('add_configlet_builder: name: %s config: %s form: %s' + % (name, config, form)) + data = {'name': name, + 'data': {'formList': form, + 'main_script': {'data': config}}} + # Create the configlet builder + self.clnt.post('/configlet/addConfigletBuilder.do?isDraft=%s' % draft, + data=data, timeout=self.request_timeout) + + # Get the key for the configlet + data = self.clnt.get( + '/configlet/getConfigletByName.do?name=%s' % qplus(name), + timeout=self.request_timeout) + return data['key'] + + def add_configlet(self, name, config): + ''' Add a configlet and return the key for the configlet. + + Args: + name (str): Configlet name + config (str): Switch config statements + + Returns: + key (str): The key for the configlet + ''' + self.log.debug('add_configlet: name: %s config: %s' % (name, config)) + body = {'name': name, 'config': config} + # Create the configlet + self.clnt.post('/configlet/addConfiglet.do', data=body, + timeout=self.request_timeout) + + # Get the key for the configlet + data = self.clnt.get('/configlet/getConfigletByName.do?name=%s' + % qplus(name), timeout=self.request_timeout) + return data['key'] + + + def delete_configlet(self, name, key): + ''' Delete the configlet. + + Args: + name (str): Configlet name + key (str): Configlet key + ''' + self.log.debug('delete_configlet: name: %s key: %s' % (name, key)) + body = [{'name': name, 'key': key}] + # Delete the configlet + self.clnt.post('/configlet/deleteConfiglet.do', data=body, + timeout=self.request_timeout) + + def update_configlet(self, config, key, name, wait_task_ids=False): + ''' Update a configlet. + + Args: + config (str): Switch config statements + key (str): Configlet key + name (str): Configlet name + wait_task_ids (boolean): Wait for task IDs to generate + + Returns: + data (dict): Contains success or failure message + ''' + self.log.debug('update_configlet: config: %s key: %s name: %s' % + (config, key, name)) + + # Update the configlet + body = {'config': config, 'key': key, 'name': name, + 'waitForTaskIds': wait_task_ids} + return self.clnt.post('/configlet/updateConfiglet.do', data=body, + timeout=self.request_timeout) + + def update_configlet_builder(self, name, key, config, draft=False, + wait_for_task=False, form=None): + ''' Update an existing configlet builder. + Args: + config (str): Contents of the configlet builder configuration + key: (str): key/id of the configlet builder to be updated + name: (str): name of the configlet builder + draft (boolean): is update a draft + wait_for_task (boolean): wait for task IDs to be generated + form (list): Array/list of form data + Parameters: + fieldId (str): "", + fieldLabel (str): "", + value (str): "", + type (str): "", (Options below) + ('Text box', + 'Text area', + 'Drop down', + 'Check box', + 'Radio button', + 'IP address', + 'Password') + validation: { + mandatory (boolean): true, + }, + helpText (str): "", + depends (str): "", + dataValidationErrorExist (boolean): true, + dataValidation (string): "" + ''' + if not form: + form = [] + + data = { + "name": name, + "waitForTaskIds": wait_for_task, + "data": { + "formList": form, + "main_script": { + "data": config + } + } + } + debug_str = 'update_configlet_builder:' \ + ' config: {} key: {} name: {} form: {}' + self.log.debug(debug_str.format(config, key, name, form)) + # Update the configlet builder + url_string = '/configlet/updateConfigletBuilder.do?' \ + 'isDraft={}&id={}&action=save' + return self.clnt.post(url_string.format(draft, key), + data=data, timeout=self.request_timeout) + + def update_reconcile_configlet(self, device_mac, config, key, name, + reconciled=False): + ''' Update the reconcile configlet. + + Args: + device_mac (str): Mac address/Key for device whose reconcile + configlet is being updated + config (str): Reconciled config statements + key (str): Reconcile Configlet key + name (str): Reconcile Configlet name + reconciled (boolean): Wait for task IDs to generate + + Returns: + data (dict): Contains success or failure message + ''' + log_str = ('update_reconcile_configlet:' + ' device_mac: {} config: {} key: {} name: {}') + self.log.debug(log_str.format(device_mac, config, key, name)) + + url_str = ('/provisioning/updateReconcileConfiglet.do?' + 'netElementId={}') + body = { + 'config': config, + 'key': key, + 'name': name, + 'reconciled': reconciled, + 'unCheckedLines': '', + } + return self.clnt.post(url_str.format(device_mac), data=body, + timeout=self.request_timeout) + + def add_note_to_configlet(self, key, note): + ''' Add a note to a configlet. + + Args: + key (str): Configlet key + note (str): Note to be added to configlet. + ''' + data = { + 'key': key, + 'note': note, + } + return self.clnt.post('/configlet/addNoteToConfiglet.do', + data=data, timeout=self.request_timeout) + + def sanitize_warnings(self, data): + ''' Sanitize the warnings returned after validation. + + In some cases where the configlets has both errors + and warnings, CVP may split any warnings that have + `,` across multiple strings. + This method concats the strings back into one string + per warning, and correct the warningCount. + + Args: + data (dict): A dict that contians the result + of the validation operation + Returns: + response (dict): A dict that contains the result of the + validation operation + ''' + if "warnings" not in data: + # nothing to do here, we can return as is + return data + # Since there may be warnings incorrectly split on + # ', ' within the warning text by CVP, we join all the + # warnings together using ', ' into one large string + temp_warnings = ", ".join(data['warnings']).strip() + + # To split the large string again we match on the + # 'at line XXX' that should indicate the end of the warning. + # We capture as well the remaining \\n or whitespace and include + # the extra ', ' added in the previous step in the matching criteria. + # The extra ', ' is not included in the strings of the new list + temp_warnings = split( + r'(.*?at line \d+.*?),\s+', + temp_warnings + ) + + # The behaviour of re.split will add empty strings + # if the regex matches on the begging or ending of the line. + # Refer to https://docs.python.org/3/library/re.html#re.split + + # Use filter to remove any empty strings + # that re.split inserted + data['warnings'] = list(filter(None, temp_warnings)) + # Update the count of warnings to the correct value + data['warningCount'] = len(data['warnings']) + return data + + def validate_config_for_device(self, device_mac, config): + ''' Validate a config against a device + + Args: + device_mac (str): Device MAC address + config (str): Switch config statements + + Returns: + response (dict): A dict that contains the result of the + validation operation + ''' + self.log.debug('validate_config_for_device: device_mac: %s config: %s' + % (device_mac, config)) + body = {'netElementId': device_mac, 'config': config} + return self.sanitize_warnings( + self.clnt.post( + '/configlet/validateConfig.do', + data=body, + timeout=self.request_timeout + ) + ) + + def validate_config(self, device_mac, config): + ''' Validate a config against a device and parse response to + produce log messages are return a flag for the config validity. + + Args: + device_mac (str): Device MAC address + config (str): Switch config statements + + Returns: + response (boolean): A flag signifying if the config is valid or + not. + ''' + self.log.debug('validate_config: device_mac: %s config: %s' + % (device_mac, config)) + result = self.validate_config_for_device(device_mac, config) + validated = True + if 'warningCount' in result and result['warnings']: + for warning in result['warnings']: + self.log.warning('Validation of config produced warning - %s' + % warning) + if 'errorCount' in result: + self.log.error('Validation of config produced %s errors' + % result['errorCount']) + if 'errors' in result: + for error in result['errors']: + self.log.error('Validation of config produced error - %s' + % error) + validated = False + if 'result' in result: + for item in result['result']: + if 'messages' in item: + for message in item['messages']: + self.log.info('Validation of config returned' + ' message - %s' % message) + return validated + + def get_all_temp_actions(self, start=0, end=0): + ''' Returns a list of existing temp actions. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + response (dict): A dict that contains a list of the current + temp actions. + ''' + url = ('/provisioning/getAllTempActions.do?startIndex=%d&endIndex=%d' + % (start, end)) + data = self.clnt.get(url, timeout=self.request_timeout) + + return data + + def _add_temp_action(self, data): + ''' Adds temp action that requires a saveTopology call to take effect. + + Args: + data (dict): a data dict with a specific format for the + desired action. + + Base Ex: data = {'data': [{specific key/value pairs}]} + ''' + url = ('/provisioning/addTempAction.do?' + 'format=topology&queryParam=&nodeId=root') + self.clnt.post(url, data=data, timeout=self.request_timeout) + + def _save_topology_v2(self, data): + ''' Confirms a previously created temp action. + + Args: + data (list): a list that contains a dict with a specific + format for the desired action. Our primary use case is for + confirming existing temp actions so we most often send an + empty list to confirm an existing temp action. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + url = '/provisioning/v2/saveTopology.do' + return self.clnt.post(url, data=data, timeout=self.request_timeout) + + def apply_configlets_to_device(self, app_name, dev, new_configlets, + create_task=True, reorder_configlets=False): + ''' Apply the configlets to the device. + + Args: + app_name (str): The application name to use in info field. + dev (dict): The switch device dict + new_configlets (list): List of configlet name and key pairs + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + reorder_configlets (bool): Defaults to False. To use this + parameter you must first get the full list of configlets + applied to the device (for example via the + get_configlets_by_device_id function) and provide the + full list of configlets (in addition to any new configlets + being applied) in the desired order as the new_configlets + parameter. It is also important to keep in mind configlets + that are applied to parent containers because they will + be applied before configlets applied to the device + directly. Set this parameter to True only with the full + list of configlets being applied to the device provided + via the new_configlets parameter. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + self.log.debug('apply_configlets_to_device: dev: %s names: %s' % + (dev, new_configlets)) + # Get a list of the names and keys of the configlets + cnames = [] + ckeys = [] + + if not reorder_configlets: + # Get all the configlets assigned to the device. + configlets = self.get_configlets_by_device_id( + dev['systemMacAddress']) + for configlet in configlets: + cnames.append(configlet['name']) + ckeys.append(configlet['key']) + + # Add the new configlets to the end of the arrays + for entry in new_configlets: + cnames.append(entry['name']) + ckeys.append(entry['key']) + + info = '%s: Configlet Assign: to Device %s' % (app_name, dev['fqdn']) + info_preview = '<b>Configlet Assign:</b> to Device' + dev['fqdn'] + data = {'data': [{'info': info, + 'infoPreview': info_preview, + 'note': '', + 'action': 'associate', + 'nodeType': 'configlet', + 'nodeId': '', + 'configletList': ckeys, + 'configletNamesList': cnames, + 'ignoreConfigletNamesList': [], + 'ignoreConfigletList': [], + 'configletBuilderList': [], + 'configletBuilderNamesList': [], + 'ignoreConfigletBuilderList': [], + 'ignoreConfigletBuilderNamesList': [], + 'toId': dev['systemMacAddress'], + 'toIdType': 'netelement', + 'fromId': '', + 'nodeName': '', + 'fromName': '', + 'toName': dev['fqdn'], + 'nodeIpAddress': dev['ipAddress'], + 'nodeTargetIpAddress': dev['ipAddress'], + 'childTasks': [], + 'parentTask': ''}]} + self.log.debug('apply_configlets_to_device: saveTopology data:\n%s' % + data['data']) + self._add_temp_action(data) + if create_task: + return self._save_topology_v2([]) + return None + + # pylint: disable=too-many-locals + def remove_configlets_from_device(self, app_name, dev, del_configlets, + create_task=True): + ''' Remove the configlets from the device. + + Args: + app_name (str): The application name to use in info field. + dev (dict): The switch device dict + del_configlets (list): List of configlet name and key pairs + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'35']}} + ''' + self.log.debug('remove_configlets_from_device: dev: %s names: %s' % + (dev, del_configlets)) + + # Get all the configlets assigned to the device. + configlets = self.get_configlets_by_device_id(dev['systemMacAddress']) + + # Get a list of the names and keys of the configlets. Do not add + # configlets that are on the delete list. + keep_names = [] + keep_keys = [] + for configlet in configlets: + key = configlet['key'] + if next((ent for ent in del_configlets if ent['key'] == key), + None) is None: + keep_names.append(configlet['name']) + keep_keys.append(key) + + # Remove the names and keys of the configlets to keep and build a + # list of the configlets to remove. + del_names = [] + del_keys = [] + for entry in del_configlets: + del_names.append(entry['name']) + del_keys.append(entry['key']) + + info = '%s Configlet Remove: from Device %s' % (app_name, dev['fqdn']) + info_preview = '<b>Configlet Remove:</b> from Device' + dev['fqdn'] + data = {'data': [{'info': info, + 'infoPreview': info_preview, + 'note': '', + 'action': 'associate', + 'nodeType': 'configlet', + 'nodeId': '', + 'configletList': keep_keys, + 'configletNamesList': keep_names, + 'ignoreConfigletNamesList': del_names, + 'ignoreConfigletList': del_keys, + 'configletBuilderList': [], + 'configletBuilderNamesList': [], + 'ignoreConfigletBuilderList': [], + 'ignoreConfigletBuilderNamesList': [], + 'toId': dev['systemMacAddress'], + 'toIdType': 'netelement', + 'fromId': '', + 'nodeName': '', + 'fromName': '', + 'toName': dev['fqdn'], + 'nodeIpAddress': dev['ipAddress'], + 'nodeTargetIpAddress': dev['ipAddress'], + 'childTasks': [], + 'parentTask': ''}]} + self.log.debug('remove_configlets_from_device: saveTopology data:\n%s' + % data['data']) + self._add_temp_action(data) + if create_task: + return self._save_topology_v2([]) + return None + + def apply_configlets_to_container(self, app_name, container, + new_configlets, create_task=True): + ''' Apply the configlets to the container. + + Args: + app_name (str): The application name to use in info field. + container (dict): The container dict + new_configlets (list): List of configlet name and key pairs + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + self.log.debug( + 'apply_configlets_to_container: container: %s names: %s' % + (container, new_configlets)) + # Get all the configlets assigned to the device. + configlets = self.get_configlets_by_container_id(container['key']) + + # Get a list of the names and keys of the configlets + # Static Configlets + cnames = [] + ckeys = [] + # ConfigletBuilder Configlets + bnames = [] + bkeys = [] + if configlets['configletList']: + for configlet in configlets['configletList']: + if configlet['type'] == 'Static': + cnames.append(configlet['name']) + ckeys.append(configlet['key']) + elif configlet['type'] == 'Builder': + bnames.append(configlet['name']) + bkeys.append(configlet['key']) + + # Add the new configlets to the end of the arrays + for entry in new_configlets: + cnames.append(entry['name']) + ckeys.append(entry['key']) + + info = '%s: Configlet Assign: to Container %s' % (app_name, + container['name']) + info_preview = '<b>Configlet Assign:</b> to Container' + container[ + 'name'] + data = {'data': [{'info': info, + 'infoPreview': info_preview, + 'note': '', + 'action': 'associate', + 'nodeType': 'configlet', + 'nodeId': '', + 'configletList': ckeys, + 'configletNamesList': cnames, + 'ignoreConfigletNamesList': [], + 'ignoreConfigletList': [], + 'configletBuilderList': bkeys, + 'configletBuilderNamesList': bnames, + 'ignoreConfigletBuilderList': [], + 'ignoreConfigletBuilderNamesList': [], + 'toId': container['key'], + 'toIdType': 'container', + 'fromId': '', + 'nodeName': '', + 'fromName': '', + 'toName': container['name'], + 'nodeIpAddress': '', + 'nodeTargetIpAddress': '', + 'childTasks': [], + 'parentTask': ''}]} + self.log.debug( + 'apply_configlets_to_container: saveTopology data:\n%s' % + data['data']) + self._add_temp_action(data) + if create_task: + return self._save_topology_v2([]) + return data + + # pylint: disable=too-many-locals + # pylint: disable=invalid-name + def remove_configlets_from_container(self, app_name, container, + del_configlets, create_task=True): + ''' Remove the configlets from the container. + + Args: + app_name (str): The application name to use in info field. + container (dict): The container dict + del_configlets (list): List of configlet name and key pairs + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'35']}} + ''' + self.log.debug( + 'remove_configlets_from_container: container: %s names: %s' % + (container, del_configlets)) + + # Get all the configlets assigned to the device. + configlets = self.get_configlets_by_container_id(container['key']) + + # Get a list of the names and keys of the configlets. Do not add + # configlets that are on the delete list. + keep_names = [] + keep_keys = [] + for configlet in configlets['configletList']: + key = configlet['key'] + if next((ent for ent in del_configlets if ent['key'] == key), + None) is None: + keep_names.append(configlet['name']) + keep_keys.append(key) + + # Remove the names and keys of the configlets to keep and build a + # list of the configlets to remove. + del_names = [] + del_keys = [] + for entry in del_configlets: + del_names.append(entry['name']) + del_keys.append(entry['key']) + + info = '%s Configlet Remove: from Container %s' % (app_name, + container['name']) + info_preview = '<b>Configlet Remove:</b> from Container' + container[ + 'name'] + data = {'data': [{'info': info, + 'infoPreview': info_preview, + 'note': '', + 'action': 'associate', + 'nodeType': 'configlet', + 'nodeId': '', + 'configletList': keep_keys, + 'configletNamesList': keep_names, + 'ignoreConfigletNamesList': del_names, + 'ignoreConfigletList': del_keys, + 'configletBuilderList': [], + 'configletBuilderNamesList': [], + 'ignoreConfigletBuilderList': [], + 'ignoreConfigletBuilderNamesList': [], + 'toId': container['key'], + 'toIdType': 'container', + 'fromId': '', + 'nodeName': '', + 'fromName': '', + 'toName': container['name'], + 'nodeIpAddress': '', + 'nodeTargetIpAddress': '', + 'childTasks': [], + 'parentTask': ''}]} + self.log.debug( + 'remove_configlets_from_container: saveTopology data:\n%s' + % data['data']) + self._add_temp_action(data) + if create_task: + return self._save_topology_v2([]) + return data + + def validate_configlets_for_device(self, mac, configlet_keys, + page_type='viewConfig'): + ''' Validate and compare configlets for device. + + Args: + mac (str): MAC address of device to validate configlets for. + configlet_keys (list): List of configlet keys + page_type (list): Possible Values of pageType - 'viewConfig', + 'managementIPValidation', 'validateConfig', etc... + + Returns: + response (dict): A dict that contains ... + + Ex: {"reconciledConfig": {...}, + "reconcile": 0, + "new": 0, + "designedConfig": [{...}], + "total": 0, + "runningConfig": [{...}], + "isReconcileInvoked": true, + "mismatch": 0, + "warnings": [""], + "errors": [{"configletLineNo": 0, + "error": "string", + "configletId": "string"}, ...] + } + ''' + self.log.debug('validate_configlets_for_device: ' + 'MAC: %s - conf keys: %s - page_type: %s' % + (mac, configlet_keys, page_type)) + data = {'configIdList': configlet_keys, + 'netElementId': mac, + 'pageType': page_type} + return self.clnt.post( + '/provisioning/v2/validateAndCompareConfiglets.do', + data=data, timeout=self.request_timeout) + + def get_applied_devices(self, configlet_name, start=0, end=0): + ''' Returns a list of devices to which the named configlet is applied. + + Args: + configlet_name (str): The name of the configlet to be queried. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + return self.clnt.get('/configlet/getAppliedDevices.do?' + 'configletName=%s&startIndex=%d&endIndex=%d' + % (configlet_name, start, end), + timeout=self.request_timeout) + + def get_applied_containers(self, configlet_name, start=0, end=0): + ''' Returns a list of containers to which the named + configlet is applied. + + Args: + configlet_name (str): The name of the configlet to be queried. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + return self.clnt.get('/configlet/getAppliedContainers.do?' + 'configletName=%s&startIndex=%d&endIndex=%d' + % (configlet_name, start, end), + timeout=self.request_timeout) + + # pylint: disable=too-many-arguments + def _container_op(self, container_name, container_key, parent_name, + parent_key, operation): + ''' Perform the operation on the container. + + Args: + container_name (str): Container name + container_key (str): Container key, can be empty for add. + parent_name (str): Parent container name + parent_key (str): Parent container key + operation (str): Container operation 'add' or 'delete'. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + msg = ('%s container %s under container %s' % + (operation, container_name, parent_name)) + data = {'data': [{'info': msg, + 'infoPreview': msg, + 'action': operation, + 'nodeType': 'container', + 'nodeId': container_key, + 'toId': '', + 'fromId': '', + 'nodeName': container_name, + 'fromName': '', + 'toName': '', + 'childTasks': [], + 'parentTask': '', + 'toIdType': 'container'}]} + if operation == 'add': + data['data'][0]['toId'] = parent_key + data['data'][0]['toName'] = parent_name + elif operation == 'delete': + data['data'][0]['fromId'] = parent_key + data['data'][0]['fromName'] = parent_name + + # Perform the container operation + self._add_temp_action(data) + return self._save_topology_v2([]) + + def add_container(self, container_name, parent_name, parent_key): + ''' Add the container to the specified parent. + + Args: + container_name (str): Container name + parent_name (str): Parent container name + parent_key (str): Parent container key + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + self.log.debug('add_container: container: %s parent: %s parent_key: %s' + % (container_name, parent_name, parent_key)) + return self._container_op(container_name, 'new_container', parent_name, + parent_key, 'add') + + def delete_container(self, container_name, container_key, parent_name, + parent_key): + ''' Add the container to the specified parent. + + Args: + container_name (str): Container name + container_key (str): Container key + parent_name (str): Parent container name + parent_key (str): Parent container key + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + self.log.debug('delete_container: container: %s container_key: %s ' + 'parent: %s parent_key: %s' % + (container_name, container_key, parent_name, + parent_key)) + resp = self._container_op(container_name, container_key, parent_name, + parent_key, 'delete') + # As of CVP version 2020.1 the addTempAction.do API endpoint stopped + # raising an Error when attempting to delete a container with children. + # To account for this try to see if the container being deleted + # still exists after the attempted delete. If it still exists + # raise an error similar to how CVP behaved prior to CVP 2020.1 + try: + still_exists = self.get_container_by_id(container_key) + except CvpApiError as error: + if 'Invalid Container id' in error.msg: + return resp + else: + raise + if still_exists is not None: + raise CvpApiError('Container was not deleted. Check for children') + return resp + + def get_parent_container_for_device(self, device_mac): + ''' Add the container to the specified parent. + + Args: + device_mac (str): Device mac address + + Returns: + response (dict): A dict that contains the parent container info + ''' + self.log.debug('get_parent_container_for_device: called for %s' + % device_mac) + data = self.clnt.get('/provisioning/searchTopology.do?' + 'queryParam=%s&startIndex=0&endIndex=0' + % device_mac, timeout=self.request_timeout) + if data['total'] > 0: + cont_name = data['netElementContainerList'][0]['containerName'] + return self.get_container_by_name(cont_name) + return None + + def move_device_to_container(self, app_name, device, container, + create_task=True): + ''' Add the container to the specified parent. + + Args: + app_name (str): String to specify info/signifier of calling app + device (dict): Device info + container (dict): Container info + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + info = 'Device Add {} to container {} by {}'.format(device['fqdn'], + container['name'], + app_name) + self.log.debug('Attempting to move device %s to container %s' + % (device['fqdn'], container['name'])) + if 'parentContainerId' in device: + from_id = device['parentContainerId'] + else: + parent_cont = self.get_parent_container_for_device(device['key']) + from_id = parent_cont['key'] + data = {'data': [{'info': info, + 'infoPreview': info, + 'action': 'update', + 'nodeType': 'netelement', + 'nodeId': device['key'], + 'toId': container['key'], + 'fromId': from_id, + 'nodeName': device['fqdn'], + 'toName': container['name'], + 'toIdType': 'container', + 'childTasks': [], + 'parentTask': ''}]} + try: + self._add_temp_action(data) + # pylint: disable=invalid-name + except CvpApiError as e: + if 'Data already exists' in str(e): + self.log.debug('Device %s already in container %s' + % (device['fqdn'], container)) + if create_task: + return self._save_topology_v2([]) + return None + + def search_topology(self, query, start=0, end=0): + ''' Search the topology for items matching the query parameter. + + Args: + query (str): Query parameter which is the name of the container + or device. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + response (dict): A dict that contains the container and + netelement lists. + ''' + self.log.debug('search_topology: query: %s start: %d end: %d' % + (query, start, end)) + data = self.clnt.get('/provisioning/searchTopology.do?queryParam=%s&' + 'startIndex=%d&endIndex=%d' + % (qplus(query), start, end), + timeout=self.request_timeout) + if 'netElementList' in data: + for device in data['netElementList']: + device['status'] = device['deviceStatus'] + device['mlagEnabled'] = device['isMLAGEnabled'] + device['danzEnabled'] = device['isDANZEnabled'] + device['parentContainerKey'] = device['parentContainerId'] + device['bootupTimestamp'] = device['bootupTimeStamp'] + device['internalBuild'] = device['internalBuildId'] + return data + + def filter_topology(self, node_id='root', fmt='topology', + start=0, end=0): + ''' Filter the CVP topology for container and device information. + + Args: + node_id (str): The container key to base the filter in. + Default is 'root', for the Tenant container. + fmt (str): The type of filter to return. Must be either + 'topology' or 'list'. Default is 'topology'. + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + ''' + url = ('/provisioning/filterTopology.do?nodeId=%s&' + 'format=%s&startIndex=%d&endIndex=%d' + % (node_id, fmt, start, end)) + return self.clnt.get(url, timeout=self.request_timeout) + + def check_compliance(self, node_key, node_type): + ''' Check that a device is in compliance, that is the configlets + applied to the device match the devices running configuration. + + Args: + node_key (str): The device key. This is the device MAC address + Example: ff:ff:ff:ff:ff:ff + node_type (str): The device type. This is either 'netelement' + or 'container' + + Returns: + response (dict): A dict that contains the results of the + compliance check. + ''' + self.log.debug('check_compliance: node_key: %s node_type: %s' % + (node_key, node_type)) + data = {'nodeId': node_key, 'nodeType': node_type} + resp = self.clnt.post('/provisioning/checkCompliance.do', data=data, + timeout=self.request_timeout) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 2.0: + if resp['complianceIndication'] == u'': + resp['complianceIndication'] = 'NONE' + return resp + + def get_event_by_id(self, e_id): + ''' Return information on the requested event ID. + + Args: + e_id (str): The event id to be queried. + ''' + return self.clnt.get('/event/getEventById.do?eventId=%s' % e_id, + timeout=self.request_timeout) + + def get_default_snapshot_template(self): + ''' Return the default snapshot template. + + ''' + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + url = ('/snapshot/getDefaultSnapshotTemplate.do?' + 'startIndex=0&endIndex=0') + return self.clnt.get(url, timeout=self.request_timeout) + self.log.debug('v2 Inventory API Call') + self.log.debug('API getDefaultSnapshotTemplate.do' + ' deprecated for CVP 2018.2 and beyond') + return None + + # pylint: disable=invalid-name + def capture_container_level_snapshot(self, template_key, container_key): + ''' Initialize a container level snapshot event. + + Args: + template_key (str): The snapshot template key to be used for + the snapshots. + container_key (str): The container key to start the + snapshots on. + ''' + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion == 1.0: + self.log.debug('v1 Inventory API Call') + data = { + 'templateId': template_key, + 'containerId': container_key, + } + return self.clnt.post('/snapshot/captureContainerLevelSnapshot.do', + data=data, timeout=self.request_timeout) + self.log.debug('v2 Inventory API Call') + self.log.debug('API captureContainerLevelSnapshot.do' + ' deprecated for CVP 2018.2 and beyond') + return None + + def add_image(self, filepath): + ''' Add an image to a CVP cluster. + + Args: + filepath (str): Local path to the image to upload. + + Returns: + data (dict): Dictionary of image add data. + ''' + # Get the absolute file path to be uploaded + image_path = os.path.abspath(filepath) + image_data = open(image_path, 'rb') + response = self.clnt.post('/image/addImage.do', + files={'file': image_data}) + return response + + def cancel_image(self, image_name): + ''' Discard/cancel the uploaded image/image bundle before save. + + Args: + image_name (string): Name of image to cancel/discard. + + Returns: + data (dict): Success or error message. + ''' + image_data = {'data': image_name} + return self.clnt.post('/image/cancelImages.do', data=image_data, + timeout=self.request_timeout) + + def get_images(self, start=0, end=0): + ''' Return a list of all images. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + images (dict): The 'total' key contains the number of images, + the 'data' key contains a list of images and their info. + ''' + self.log.debug('Get info about images') + return self.clnt.get('/image/getImages.do?queryparam=&startIndex=%d&' + 'endIndex=%d' % (start, end), + timeout=self.request_timeout) + + def get_image_bundles(self, start=0, end=0): + ''' Return a list of all image bundles. + + Args: + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + image bundles (dict): The 'total' key contains the number of + image bundles, the 'data' key contains a list of image + bundles and their info. + ''' + self.log.debug('Get image bundles that can be applied to devices or' + ' containers') + return self.clnt.get('/image/getImageBundles.do?queryparam=&' + 'startIndex=%d&endIndex=%d' % (start, end), + timeout=self.request_timeout) + + def get_image_bundle_by_name(self, name): + ''' Return a dict of info about an image bundle. + + Args: + name (str): Name of image bundle to return info about. + + Returns: + image bundle (dict): Dict of info specific to the image bundle + requested or None if the name requested doesn't exist. + ''' + self.log.debug('Attempt to get image bundle %s' % name) + try: + image = self.clnt.get('/image/getImageBundleByName.do?name=%s' + % qplus(name), timeout=self.request_timeout) + except CvpApiError as error: + # Catch an invalid task_id error and return None + if 'Entity does not exist' in str(error): + self.log.debug('Bundle with name %s does not exist' % name) + return None + raise error + return image + + def delete_image_bundle(self, image_key, image_name): + ''' Delete image bundle + + Args: + image_key (str): The key of the image bundle to be deleted. + image_name (str): The name of the image bundle to be deleted. + ''' + bundle_data = { + 'data': [{'key': image_key, + 'name': image_name}] + } + return self.clnt.post('/image/deleteImageBundles.do', data=bundle_data, + timeout=self.request_timeout) + + def save_image_bundle(self, name, images, certified=True): + ''' Save an image bundle to a cluster. + + Args: + name (str): The name of the image bundle to be saved. + images (list): A list of image names to include in the bundle. + certified (bool): Whether the image bundle is certified or + not. Default is True. + ''' + certified_image = 'true' if certified else 'false' + data = { + 'name': name, + 'isCertifiedImage': certified_image, + 'images': images, + } + return self.clnt.post('/image/saveImageBundle.do', data=data, + timeout=self.request_timeout) + + def update_image_bundle(self, bundle_id, name, images, certified=True): + ''' Update an existing image bundle + ''' + certified_image = 'true' if certified else 'false' + data = { + 'id': bundle_id, + 'name': name, + 'isCertifiedImage': certified_image, + 'images': images, + } + return self.clnt.post('/image/updateImageBundle.do', data=data, + timeout=self.request_timeout) + + def apply_image_to_device(self, image, device, create_task=True): + ''' Apply an image bundle to a device + + Args: + image (dict): The image info. + device (dict): Info about device to apply image to. + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). Image updates will not run until + task or tasks are executed. + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + return self.apply_image_to_element(image, device, device['fqdn'], + 'netelement', create_task) + + def apply_image_to_container(self, image, container, create_task=True): + ''' Apply an image bundle to a container + + Args: + image (dict): The image info. + container (dict): Info about container to apply image to. + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). Image updates will not run until + task or tasks are executed. + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + return self.apply_image_to_element(image, container, container['name'], + 'container', create_task) + + def apply_image_to_element(self, image, element, name, id_type, + create_task=True): + ''' Apply an image bundle to a device or container. + + Args: + image (dict): The image info. + element (dict): Info about element to apply image to. Dict + can contain device info or container info. + name (str): Name of element image is being applied to. + id_type (str): Id type of element image is being applied to. + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). Image updates will not run until + task or tasks are executed. + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + self.log.debug('Attempt to apply %s to %s %s' % (image['name'], + id_type, name)) + info = 'Apply image: %s to %s %s' % (image['name'], id_type, name) + node_id = '' + if 'imageBundleKeys' in image: + if image['imageBundleKeys']: + node_id = image['imageBundleKeys'][0] + self.log.info('Provided image is an image object.' + ' Using first value from imageBundleKeys - %s' + % node_id) + if 'id' in image: + node_id = image['id'] + self.log.info('Provided image is an image bundle object.' + ' Found v1 API id field - %s' % node_id) + elif 'key' in image: + node_id = image['key'] + self.log.info('Provided image is an image bundle object.' + ' Found v2 API key field - %s' % node_id) + data = {'data': [{'info': info, + 'infoPreview': info, + 'note': '', + 'action': 'associate', + 'nodeType': 'imagebundle', + 'nodeId': node_id, + 'toId': element['key'], + 'toIdType': id_type, + 'fromId': '', + 'nodeName': image['name'], + 'fromName': '', + 'toName': name, + 'childTasks': [], + 'parentTask': ''}]} + self._add_temp_action(data) + if create_task: + return self._save_topology_v2([]) + return None + + def remove_image_from_device(self, image, device): + ''' Remove the image bundle from the specified device. + + Args: + image (dict): The image info. + device (dict): The device info. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + return self.remove_image_from_element(image, device, device['fqdn'], + 'netelement') + + def remove_image_from_container(self, image, container): + ''' Remove the image bundle from the specified container. + + Args: + image (dict): The image info. + container (dict): The container info. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + return self.remove_image_from_element(image, container, + container['name'], 'container') + + def remove_image_from_element(self, image, element, name, id_type): + ''' Remove the image bundle from the specified container. + + Args: + image (dict): The image info. + element (dict): The container info. + name (): name. + id_type (): type. + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + self.log.debug('Attempt to remove %s from %s' % (image['name'], name)) + info = 'Remove image: %s from %s' % (image['name'], name) + node_id = '' + if 'imageBundleKeys' in image: + if image['imageBundleKeys']: + node_id = image['imageBundleKeys'][0] + self.log.info('Provided image is an image object.' + ' Using first value from imageBundleKeys - %s' + % node_id) + if 'id' in image: + node_id = image['id'] + self.log.info('Provided image is an image bundle object.' + ' Found v1 API id field - %s' % node_id) + elif 'key' in image: + node_id = image['key'] + self.log.info('Provided image is an image bundle object.' + ' Found v2 API key field - %s' % node_id) + data = {'data': [{'info': info, + 'infoPreview': info, + 'note': '', + 'action': 'associate', + 'nodeType': 'imagebundle', + 'nodeId': '', + 'toId': element['key'], + 'toIdType': id_type, + 'fromId': '', + 'nodeName': '', + 'fromName': '', + 'toName': name, + 'ignoreNodeId': node_id, + 'ignoreNodeName': image['name'], + 'childTasks': [], + 'parentTask': ''}]} + self._add_temp_action(data) + return self._save_topology_v2([]) + + def get_change_controls(self, query='', start=0, end=0): + ''' Returns a list of change controls. + + Args: + query (str): Query to look for in change control names + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + change controls (list): The list of change controls + ''' + self.log.debug('get_change_controls: query: %s' % query) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug('v3/v4/v5 getChangeControls API Call') + self.log.warning( + 'get_change_controls: change control APIs moved for v3/v4/v5') + return None + + self.log.debug('v2 getChangeControls API Call') + data = self.clnt.get( + '/changeControl/getChangeControls.do?searchText=%s' + '&startIndex=%d&endIndex=%d' % (qplus(query), start, end), + timeout=self.request_timeout) + if 'data' not in data: + return None + return data['data'] + + def change_control_available_tasks(self, query='', start=0, end=0): + ''' Returns a list of tasks that are available for a change control. + + Args: + query (str): Query to look for in task + start (int): Start index for the pagination. Default is 0. + end (int): End index for the pagination. If end index is 0 + then all the records will be returned. Default is 0. + + Returns: + tasks (list): The list of available tasks + ''' + self.log.debug('change_control_available_tasks: query: %s' % query) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug( + 'v3/v4/v5 uses existing get_task_by_status API Call') + return self.get_tasks_by_status('PENDING') + + self.log.debug('v2 getTasksByStatus API Call') + data = self.clnt.get( + '/changeControl/getTasksByStatus.do?searchText=%s' + '&startIndex=%d&endIndex=%d' % (qplus(query), start, end), + timeout=self.request_timeout) + if 'data' not in data: + return None + return data['data'] + + def create_change_control(self, name, change_control_tasks, timezone, + country_id, date_time, snapshot_template_key='', + change_control_type='Custom', + stop_on_error='false'): + ''' Create change control with provided information and return + change control ID. + + Args: + name (string): The name for the new change control. + change_control_tasks (list): A list of key value pairs where + the key is the Task ID and the value is the task order + as an integer. + Ex: [{'taskId': '100', 'taskOrder': 1}, + {'taskId': '101', 'taskOrder': 1}, + {'taskId': '102', 'taskOrder': 2}] + timezone (string): The timezone as a string. + Ex: "America/New_York" + country_id (string): The country ID. + Ex: "United States" + date_time (string): The date and time for execution. + Time is military time format. + Ex: "2018-08-22 11:30" + snapshot_template_key (string): ??? + change_control_type (string): The type of change control being + created. Options are "Custom" or "Rollback". + stop_on_error (string): String representation of a boolean + to set whether this change control will stop if an error is + encountered in one of its tasks. + + Returns: + response (dict): A dict that contains... + + Ex: {"data": "success", "ccId": "4"} + ''' + self.log.debug('create_change_control') + # { + # "timeZone": "America/New_York", + # "countryId": "United States", + # "dateTime": "2018-08-22 11:30", + # "ccName": "test2", + # "snapshotTemplateKey": "", + # "type": "Custom", + # "stopOnError": "false", + # "deletedTaskIds": [], + # "changeControlTasks": [ + # { + # "taskId": "126", + # "taskOrder": 1, + # "snapshotTemplateKey": "", + # "clonedCcId": "" + # } + # ] + # } + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug('v3/v4/v5 addOrUpdateChangeControl API Call') + self.log.warning('create_change_control:' + ' change control APIs moved for v3/v4/v5') + return None + + self.log.debug('v2 addOrUpdateChangeControl API Call') + task_data_list = [] + for task_info in change_control_tasks: + task_list_entry = {'taskId': task_info['taskId'], + 'taskOrder': task_info['taskOrder'], + 'snapshotTemplateKey': snapshot_template_key, + 'clonedCcId': ''} + task_data_list.append(task_list_entry) + data = {'timeZone': timezone, + 'countryId': country_id, + 'dateTime': date_time, + 'ccName': name, + 'snapshotTemplateKey': snapshot_template_key, + 'type': change_control_type, + 'stopOnError': stop_on_error, + 'deletedTaskIds': [], + 'changeControlTasks': task_data_list} + return self.clnt.post('/changeControl/addOrUpdateChangeControl.do', + data=data, timeout=self.request_timeout) + + def create_change_control_v3(self, cc_id, name, tasks, sequential=True): + ''' Create change control with provided information and return + change control ID. + + Args: + cc_id (string): The ID for the new change control. + name (string): The name for the new change control. + tasks (list): A list of Task IDs as strings + Ex: ['10', '11', '12'] + sequential (bool): A flag for running tasks sequentially or + in parallel. Defaults to True for running sequentially. + + Returns: + response (dict): A dict that contains... + + Ex: [{u'id': u'cc_id', + u'update_timestamp': u'...'}] + ''' + self.log.debug('create_change_control_v3') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 3.0: + self.log.debug('Wrong method for API version %s.' + ' Use create_change_control method', + self.clnt.apiversion) + self.log.warning('create_change_control_v3:' + ' Use old change control APIs for old versions') + return None + + self.log.debug('v3 Update change control API Call') + stages = [] + if sequential: + for index, task in enumerate(tasks): + stage_id = 'stage%d' % index + stage = {'stage': [{ + 'id': stage_id, + 'action': { + 'name': 'task', + 'args': { + 'TaskID': task, + } + } + }]} + stages.append(stage) + else: + stage_rows = [] + for index, task in enumerate(tasks): + stage_id = 'stage%d' % index + stage_row = { + 'id': stage_id, + 'action': { + 'name': 'task', + 'args': { + 'TaskID': task, + } + } + } + stage_rows.append(stage_row) + stages.append({'stage': stage_rows}) + data = {'config': { + 'id': cc_id, + 'name': name, + 'root_stage': { + 'id': 'root', + 'stage_row': stages, + } + }} + return self.clnt.post('/api/v3/services/ccapi.ChangeControl/Update', + data=data, timeout=self.request_timeout) + + def add_notes_to_change_control(self, cc_id, notes): + ''' Add provided notes to the specified change control. + + Args: + cc_id (string): The id for the change control to add notes to. + notes (string): The notes to add to the change control. + + Returns: + response (dict): A dict that contains... + + Ex: {"data": "success"} + ''' + self.log.debug('add_notes_to_change_control: cc_id %s, notes %s' + % (cc_id, notes)) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug( + 'v3/v4/v5 addNotesToChangeControl API Call deprecated') + self.log.warning('add_notes_to_change_control:' + ' change control APIs not supported for v3/v4/v5') + return None + + self.log.debug('v2 addNotesToChangeControl API Call') + data = {'ccId': cc_id, + 'notes': notes} + return self.clnt.post('/changeControl/addNotesToChangeControl.do', + data=data, timeout=self.request_timeout) + + def execute_change_controls(self, cc_ids): + ''' Execute the change control indicated by its ccId. + + Args: + cc_ids (list): A list of change control IDs to be executed. + ''' + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug( + 'v3/v4/v5 /api/v3/services/ccapi.ChangeControl/Start API Call') + for cc_id in cc_ids: + resp_list = [] + data = {'cc_id': cc_id} + resp = self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/Start', + data=data, timeout=self.request_timeout) + resp_list.append(resp) + return resp_list + + self.log.debug('v2 executeCC API Call') + cc_id_list = [{'ccId': x} for x in cc_ids] + data = {'ccIds': cc_id_list} + return self.clnt.post('/changeControl/executeCC.do', data=data, + timeout=self.request_timeout) + + def approve_change_control(self, cc_id, timestamp=None): + ''' Cancel the provided change controls. + + Args: + cc_id (string): The change control IDs to be approved. + timestamp(string): The change controls timestamp. + ''' + if not timestamp: + timestamp = datetime.utcnow().isoformat() + 'Z' + self.log.debug('approve_change_control') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 3.0: + self.log.debug('Approval methods not valid for API version %s.' + ' Functionality did not exist', + self.clnt.apiversion) + return None + + self.log.debug('v3 Approve change control API Call') + data = {'cc_id': cc_id, 'cc_timestamp': timestamp} + return self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/AddApproval', + data=data, timeout=self.request_timeout) + + def delete_change_control_approval(self, cc_id): + ''' Cancel the provided change controls. + + Args: + cc_id (string): The change control IDs to be approved. + ''' + self.log.debug('delete_change_control_approval') + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 3.0: + self.log.debug('Approval methods not valid for API version %s.' + ' Functionality did not exist', + self.clnt.apiversion) + return None + + self.log.debug('v3 Delete Approval for change control API Call') + data = {'cc_id': cc_id} + return self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/DeleteApproval', + data=data, timeout=self.request_timeout) + + def cancel_change_controls(self, cc_ids): + ''' Cancel the provided change controls. + + Args: + cc_ids (list): A list of change control IDs to be cancelled. + ''' + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug( + 'v3/v4/v5 /api/v3/services/ccapi.ChangeControl/Stop API Call') + resp_list = [] + for cc_id in cc_ids: + data = {'cc_id': cc_id} + resp = self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/Stop', + data=data, timeout=self.request_timeout) + resp_list.append(resp) + return resp_list + + self.log.debug('v2 cancelChangeControl API Call') + data = {'ccIds': cc_ids} + return self.clnt.post('/changeControl/cancelChangeControl.do', + data=data, timeout=self.request_timeout) + + def delete_change_controls(self, cc_ids): + ''' Delete the provided change controls. + + Args: + cc_ids (list): A list of change control IDs to be deleted. + ''' + msg = 'Change Control Resource APIs supported from 2021.2.0 or newer.' + if self.cvp_version_compare('>=', 6.0, msg): + self.log.debug( + 'v6+ Using Resource API Change Control Delete API Call') + resp_list = [] + for cc_id in cc_ids: + resp = self.change_control_delete(cc_id) + resp_list.append(resp) + return resp_list + + msg = 'Change Control Service APIs supported from 2019.0.0 to 2021.2.0' + if self.cvp_version_compare('>=', 3.0, msg): + self.log.debug( + 'v3/v4/v5 /api/v3/services/ccapi.ChangeControl/Delete' + ' API Call') + resp_list = [] + for cc_id in cc_ids: + data = {'cc_id': cc_id} + resp = self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/Delete', + data=data, timeout=self.request_timeout) + resp_list.append(resp) + return resp_list + + self.log.debug('v2 deleteChangeControl API Call') + data = {'ccIds': cc_ids} + return self.clnt.post('/changeControl/deleteChangeControls.do', + data=data, timeout=self.request_timeout) + + def get_change_control_info(self, cc_id): + ''' Get the detailed information for a single change control. + + Args: + cc_id (string): The id for the change control to be retrieved. + + Returns: + response (dict): A dict that contains... + + Ex: {'ccId': '4', + 'ccName': 'test_api_1541106830', + 'changeControlTasks': {'data': [<task data>], + 'total': 1}, + 'classId': 68, + 'containerName': '', + 'countryId': '', + 'createdBy': 'cvpadmin', + 'createdTimestamp': 1541106831629, + 'dateTime': '', + 'deviceCount': 1, + 'executedBy': 'cvpadmin', + 'executedTimestamp': 1541106831927, + 'factoryId': 1, + 'id': 68, + 'key': '4', + 'notes': '', + 'postSnapshotEndTime': 0, + 'postSnapshotStartTime': 0, + 'preSnapshotEndTime': 0, + 'preSnapshotStartTime': 0, + 'progressStatus': {<status>}, + 'scheduledBy': '', + 'scheduledByPassword': '', + 'scheduledTimestamp': 0, + 'snapshotTemplateKey': '', + 'snapshotTemplateName': None, + 'status': 'Inprogress', + 'stopOnError': False, + 'taskCount': 1, + 'taskEndTime': 0, + 'taskStartTime': 0, + 'timeZone': '', + 'type': 'Custom'} + ''' + self.log.debug('get_change_control_info: %s', cc_id) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 3.0: + self.log.debug('get_change_control_info method deprecated for' + ' v3/v4/v5. Moved to get_change_control_status') + self.log.warning('get_change_control_info:' + ' info change control API moved for v3/v4/v5 to' + ' status') + return None + + self.log.debug('v2 getChangeControlInformation.do API Call') + try: + resp = self.clnt.get( + '/changeControl/getChangeControlInformation.do?' + 'startIndex=0&endIndex=0&ccId=%s' % cc_id, + timeout=self.request_timeout) + except CvpApiError as error: + if 'No data found' in error.msg: + return None + raise + return resp + + def get_change_control_status(self, cc_id): + ''' Get the detailed information for a single change control. + + Args: + cc_id (string): The id for the change control to be retrieved. + + Returns: + response (dict): A dict that contains... + + Ex: + [{u'status': {u'error': u'', + u'id': u'cc_id', + u'stages': {u' ': { + u'error': u'', + u'state': u'Completed'}, + u'Task_0_1': { + u'error': u'', + u'state': u'Completed'} + }, + u'state': u'Completed'}}] + ''' + self.log.debug('get_change_control_status: %s', cc_id) + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion < 3.0: + self.log.debug('get_change_control_status method not supported' + ' for API version %s. Use old' + ' get_change_control_info method' + % self.clnt.apiversion) + return None + + self.log.debug( + 'v3 /api/v3/services/ccapi.ChangeControl/GetStatus API Call') + data = {'cc_id': cc_id} + return self.clnt.post( + '/api/v3/services/ccapi.ChangeControl/GetStatus', + data=data, timeout=self.request_timeout) + + def reset_device(self, app_name, device, create_task=True): + ''' Reset device by moving it to the Undefined Container. + + Args: + app_name (str): String to specify info/signifier of calling app + device (dict): Device info + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': []}} + ''' + info = ('App %s resetting device %s and moving it to Undefined' + % (app_name, device['fqdn'])) + self.log.debug(info) + + if 'parentContainerId' in device: + from_id = device['parentContainerId'] + else: + parent_cont = self.get_parent_container_for_device(device['key']) + if parent_cont and 'key' in parent_cont: + from_id = parent_cont['key'] + else: + from_id = '' + + data = {'data': [{'info': info, + 'infoPreview': info, + 'action': 'reset', + 'nodeType': 'netelement', + 'nodeId': device['key'], + 'toId': 'undefined_container', + 'fromId': from_id, + 'nodeName': device['fqdn'], + 'toName': 'Undefined', + 'toIdType': 'container', + 'childTasks': [], + 'parentTask': ''}]} + try: + self._add_temp_action(data) + except CvpApiError as error: + if 'Data already exists' in str(error): + self.log.debug('Device %s already in container Undefined' + % device['fqdn']) + if create_task: + return self._save_topology_v2([]) + return None + + def deploy_device(self, device, container, configlets=None, + image_bundle=None, create_task=True, + app_name='Deploy_device'): + ''' Move a device from the undefined container to a target container. + Optionally apply device-specific configlets and an image. + + Args: + device (dict): unique key for the device + container (str): name of container to move device to + configlets (list): list of dicts with configlet key/name pairs + image_bundle (str): name of image bundle to apply to device + create_task (boolean): Create task for this deploy device + sequence. + app_name (str): calling application name for logging purposes + + Returns: + response (dict): A dict that contains a status and a list of + task ids created (if any). + + Ex: {u'data': {u'status': u'success', u'taskIds': [u'32']}} + ''' + info = 'Deploy device %s to container %s' % (device['fqdn'], container) + self.log.debug(info) + container_info = self.get_container_by_name(container) + # Add action for moving device to specified container + self.move_device_to_container(app_name, device, container_info, + create_task=False) + + # Get proposed configlets device will inherit from container it is + # being moved to. + prop_conf = self.clnt.get('/provisioning/getTempConfigsByNetElementId.' + 'do?netElementId=%s' % device['key']) + new_configlets = prop_conf['proposedConfiglets'] + if configlets: + new_configlets.extend(configlets) + self.apply_configlets_to_device('deploy_device', device, + new_configlets, create_task=False) + # Apply image to the device + if image_bundle: + image_bundle_info = self.get_image_bundle_by_name(image_bundle) + self.apply_image_to_device(image_bundle_info, device, + create_task=False) + if create_task: + return self._save_topology_v2([]) + return None + + def create_enroll_token(self, duration, devices=None): + ''' Create TerminAttr enrollment token for device authentication + via certificates. + + Args: + devices (list): list of device Serial Numbers for which the + token should be generated. The default is all devices. + duration (string): the token's validity time (max 1 month), + accepted formats are: "24h", "86400s", "60m" + Returns: + response (list) on CVaaS: A list that contains the generated + enrollment token. + + Ex: [{'enrollmentToken':{'token': <token>, 'groups': [], + 'reenrollDevices': <devices list>, + 'validFor': <duration e.g 24h>, 'field_mask': None}}] + response (dict) on CV on-prem: A dictionary that contains the + generated enrollment token. + + Ex: {'data': <token>} + ''' + if not devices: + devices = ["*"] + # For on-prem check the version as it is only supported from 2021.2.0+ + if not self.clnt.is_cvaas: + if self.clnt.apiversion is None: + self.get_cvp_info() + if self.clnt.apiversion >= 6.0: + self.log.debug('v6 /cvpservice/enroll/createToken') + data = {"reenrollDevices": devices, "duration": duration} + return self.clnt.post('/cvpservice/enroll/createToken', + data=data, timeout=self.request_timeout) + self.log.warning( + 'Enrollment Tokens only supported on CVP 2021.2.0+') + return None + data = { + "enrollmentToken": {"reenrollDevices": devices, + "validFor": duration} + } + return self.clnt.post( + '/api/v3/services/admin.Enrollment/AddEnrollmentToken', + data=data, timeout=self.request_timeout) + + def get_all_tags(self, element_type='ELEMENT_TYPE_UNSPECIFIED', workspace_id=''): + ''' Get all device and/or interface tags from the mainline workspace or all other workspaces + Args: + element_type (str): Can be ELEMENT_TYPE_DEVICE, ELEMENT_TYPE_INTERFACE and + ELEMENT_TYPE_UNSPECIFIED + set to ELEMENT_TYPE_UNSPECIFIED by default which fetches all tags + workspace_id (str): The ID of the workspace, by default it is set to an empty string + which will use the mainline workspace + Returns: + response (dict): A dict that contains a list of key-value tags + ''' + msg = 'Tag.V2 Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + tag_url = '/api/resources/tag/v2/Tag/all' + payload = { + "partialEqFilter": [ + { + "key": { + "elementType": element_type, + "workspaceId": workspace_id + } + } + ] + } + self.log.debug('v6 {}'.format(tag_url)) + return self.clnt.post(tag_url, data=payload) + + def get_tag_edits(self, workspace_id): + ''' Show all tags edits in a workspace + + Args: + workspace_id: The ID of the workspace + + Returns: + response (dict): A dict that contains... + Ex.: {'data': [{'result': {'value': {'key': {'workspaceId': 'testget', + 'elementType': 'string', 'label': 'string', 'value': 'string'}, + 'remove': False}, 'time': 'rfc3339 time', 'type': 'INITIAL'}}]} + ''' + msg = 'Tag.V2 Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + tag_url = '/api/resources/tag/v2/TagConfig/all' + payload = { + "partialEqFilter": [ + { + "key": { + "workspace_id": workspace_id + } + } + ] + } + self.log.debug('v6 ' + tag_url + ' ' + str(payload)) + return self.clnt.post(tag_url, data=payload) + + def get_tag_assignment_edits(self, workspace_id): + ''' Show all tags assignment edits in a workspace + + Args: + workspace_id: The ID of the workspace + + Returns: + response (dict): A dict that contains... + Ex: {'result': {'value': {'key': {'workspaceId': 'string', 'elementType': 'string', + 'label': 'string', 'value': 'string', 'deviceId': 'string'}, + 'remove': False}, 'time': 'rfc3339', 'type': 'INITIAL'}} + ''' + msg = 'Tag.V2 Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + tag_url = '/api/resources/tag/v2/TagAssignmentConfig/all' + payload = { + "partialEqFilter": [ + { + "key": { + "workspace_id": workspace_id + } + } + ] + } + self.log.debug('v6 ' + tag_url + ' ' + str(payload)) + return self.clnt.post(tag_url, data=payload) + + def tag_config(self, element_type, workspace_id, tag_label, tag_value, remove=False): + ''' Create/Delete device or interface tags. + Tag creation with the tag.v2 resource API has to be done within a workspace. + + Args: + element_type (str): Can be ELEMENT_TYPE_DEVICE or ELEMENT_TYPE_INTERFACE to + create device and interface tag respectively. + workspace_id(str): The ID of the workspace. + This should be generated by the create_workspace() API call. + tag_label(str): the label of the desired tag + tag_value(str): the value of the desired tag + remove (Boolean): When set to True it will remove the device/interface tag. + When set to False (default) it will create the device/interface tag. + + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'workspaceId': 'string', 'elementType': 'string', + 'label': 'string', 'value': 'string'}}, + 'time': 'rfc3339 time'} + ''' + msg = 'Tag.V2 Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + tag_url = '/api/resources/tag/v2/TagConfig' + payload = { + "key": { + "elementType": element_type, + "workspaceId": workspace_id, + "label": tag_label, + "value": tag_value + }, + "remove": remove + } + self.log.debug('v6 {} '.format(tag_url) + str(payload)) + return self.clnt.post(tag_url, data=payload) + + def tag_assignment_config(self, element_type, workspace_id, tag_label, + tag_value, device_id, interface_id, remove=False): + ''' Assign/Unassign device or interface tags. + Tag assignment with the tag.v2 resource API has to be done within a workspace. + + Args: + element_type (str): can be ELEMENT_TYPE_DEVICE or ELEMENT_TYPE_INTERFACE to + create device and interface tag respectively + workspace_id(str): the ID of the workspace. This should be generated by + the create_workspace() API call. + tag_label(str): the label of the desired tag + tag_value(str): the value of the desired tag + device_id (str): the Serial Number of the device + interface_id (str): the interface name of the device, e.g.: Ethernet1 + remove (Boolean): When set to True it will remove the device/interface + tag assignment. + When set to False (default) it will create the device/interface tag assignment. + Returns: + response (dict): A dict that contains... + + Ex: {'value': {'key': {'workspaceId': 'string', 'elementType': 'string', + 'label': 'string', 'value': 'string', + 'deviceId': 'string', 'interfaceId': 'string'}, + 'remove': Boolean},'time': 'rfc3339 time'} + + ''' + msg = 'Tag.V2 Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + tag_url = '/api/resources/tag/v2/TagAssignmentConfig' + payload = { + "key": { + "elementType": element_type, + "workspaceId": workspace_id, + "label": tag_label, + "value": tag_value, + "deviceId": device_id, + "interfaceId": interface_id + }, + "remove": remove + } + self.log.debug('v6 {} '.format(tag_url) + str(payload)) + return self.clnt.post(tag_url, data=payload) + + def get_all_workspaces(self): + ''' Get state information for all workspaces + + Returns: + response (dict): A dict that contains a list of key-values for workspaces + ''' + msg = 'Workspace Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + workspace_url = '/api/resources/workspace/v1/Workspace/all' + payload = {} + self.log.debug('v6 {}'.format(workspace_url)) + return self.clnt.post(workspace_url, data=payload) + + def get_workspace(self, workspace_id): + ''' Get state information for all workspaces + + Returns: + response (dict): A dict that contains a list of key-values for workspaces + ''' + msg = 'Workspace Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + workspace_url = '/api/resources/workspace/v1/Workspace?key.workspaceId={}'.format( + workspace_id) + self.log.debug('v6 {}'.format(workspace_url)) + return self.clnt.get(workspace_url) + + def workspace_config(self, workspace_id, display_name, + description='', request='REQUEST_UNSPECIFIED', + request_id=''): + ''' Create, Build and Submit workspaces. + + Args: + workspace_id (str): The (unique) name of the workspace. + Previously used names cannot be used if the workspace was closed or abandoned. + display_name (str): The display name of the workspace. + description (str): The description of the workspace. + request (string): Can have the following values: + - REQUEST_UNSPECIFIED + - REQUEST_START_BUILD + - REQUEST_CANCEL_BUILD + - REQUEST_SUBMIT + - REQUEST_ABANDON + - REQUEST_ROLLBACK + request_id (str): An arbitrary requestId that is required for the + build and submit process. + + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'workspaceId': 'string'}, + 'displayName': 'string','description': 'string', + 'requestParams': {'requestId': 'string'} + }, + 'time': 'rfc3339 time'} + ''' + msg = 'Workspace Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + workspace_url = '/api/resources/workspace/v1/WorkspaceConfig' + payload = { + "key": { + "workspaceId": workspace_id + }, + "displayName": display_name, + "description": description, + "request": request, + "requestParams": { + "requestId": request_id + } + } + self.log.debug('v6 ' + str(workspace_url) + ' ' + str(payload)) + return self.clnt.post(workspace_url, data=payload) + + def workspace_build_status(self, workspace_id, build_id): + ''' Verify the state of the workspace build process. + + Args: + workspace_id (str): The (unique) name of the workspace. + build_id (str): The buildId of the workspace for which the + build process was requested. + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'workspaceId': 'string', 'buildId': 'string'}, + 'state': 'BUILD_STATE_SUCCESS', 'buildResults': {'values': ... + ''' + msg = 'Workspace Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + params = 'key.workspaceId={}&key.buildId={}'.format(workspace_id, build_id) + workspace_url = '/api/resources/workspace/v1/WorkspaceBuild?' + params + self.log.debug('v6 {}'.format(workspace_url + params)) + return self.clnt.get(workspace_url, timeout=self.request_timeout) + + def change_control_get_one(self, cc_id, cc_time=None): + ''' Get the configuration and status of a change control using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + cc_id (str): The ID of the change control. + cc_time (str): Time indicates the time for which you are interested in the data. + If no time is given, the server will use the time at which it makes the request. + The time format is RFC 3339, e.g.: 2021-12-24T11:30:00.00Z. + Returns: + response (dict): A dict that contains... + Ex: {"value":{"key":{"id":"rL6Tog6UU"}, "change":{"name":"Change 20211213_210554", + "rootStageId":"kZUWqyIArD", + "stages":{"values":{"kZUWqyIArD":{"name":"Change 20211213_210554 Root", + "rows":{"values":[{"values":["vazWhKyVRR"]}]}}, + "vazWhKyVRR":{"name":"Update Config", + "action":{"name":"task", "timeout":3000, + "args":{"values":{"TaskID":"538"}}}}}}, + "notes":"", "time":"2021-12-13T21:05:58.813750128Z", "user":"cvpadmin"}, + "approve":{"value":true, "time":"2021-12-13T21:11:26.788753264Z", + "user":"cvpadmin"}}, "time":"2021-12-13T21:11:26.788753264Z"}% + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + if cc_time is None: + params = 'key.id={}'.format(cc_id) + else: + params = 'key.id={}&time={}'.format(cc_id, cc_time) + cc_url = '/api/resources/changecontrol/v1/ChangeControl?' + params + self.log.debug('v6 {}'.format(cc_url)) + try: + response = self.clnt.get(cc_url, timeout=self.request_timeout) + except Exception as error: + if 'resource not found' in str(error): + return None + raise error + return response + + def change_control_get_all(self): + ''' Get the configuration and status of all Change Controls using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Returns: + response (dict): A dict that contains a list of all Change Controls. + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + cc_url = '/api/resources/changecontrol/v1/ChangeControl/all' + self.log.debug('v6 {}'.format(cc_url)) + return self.clnt.get(cc_url, timeout=self.request_timeout) + + def change_control_approval_get_one(self, cc_id, cc_time=None): + ''' Get the state of a specific Change Control's approve config using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + cc_id (str): The ID of the change control. + cc_time (str): Time indicates the time for which you are interested in the data. + If no time is given, the server will use the time at which it makes the request. + The time format is RFC 3339, e.g.: 2021-12-24T11:30:00.00Z. + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'id': '<CC ID>'}, 'approve': {'value': True}, + 'version': '2021-12-13T21:05:58.813750128Z'}, + 'time': '2021-12-13T21:11:26.788753264Z'} + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + if cc_time is None: + params = 'key.id={}'.format(cc_id) + else: + params = 'key.id={}&time={}'.format(cc_id, cc_time) + cc_url = '/api/resources/changecontrol/v1/ApproveConfig?' + params + cc_status = self.change_control_get_one(cc_id) + if cc_status is None: + return None + if 'value' in cc_status and 'approve' not in cc_status['value']: + self.log.warning("The change has not been approved yet." + " A change has to be approved at least once for the 'approve'" + " state to be populated.") + return None + return self.clnt.get(cc_url, timeout=self.request_timeout) + + def change_control_approval_get_all(self): + ''' Get state information for all Change Control Approvals using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Returns: + response (dict): A dict that contains a list of all Change Control Approval Configs. + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + cc_url = '/api/resources/changecontrol/v1/ApproveConfig/all' + self.log.debug('v6 {}'.format(cc_url)) + return self.clnt.get(cc_url, timeout=self.request_timeout) + + def change_control_approve(self, cc_id, notes="", approve=True): + ''' Approve/Unapprove a change control using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + cc_id (str): The ID of the change control. + notes (str): An optional approval note. + approve (bool): Set to True to approve a change and to False to unapprove a change. + The default is True. + ''' + cc_url = '/api/resources/changecontrol/v1/ApproveConfig' + # For on-prem check the version as it is only supported from 2021.2.0+ + # Since the get_change_control already checks this, no need to check it again + cc_status = self.change_control_get_one(cc_id) + if cc_status is None: + return None + if ('value' in cc_status and 'change' in cc_status['value'] and + 'time' in cc_status['value']['change']): + version = cc_status['value']['change']['time'] + else: + self.log.error('The version timestamp was not found in the CC status.') + return None + payload = { + "key": { + "id": cc_id + }, + "approve": { + "value": approve, + "notes": notes + }, + "version": version + } + return self.clnt.post(cc_url, data=payload, timeout=self.request_timeout) + + def change_control_delete(self, cc_id): + ''' Delete a pending Change Control using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + cc_id (str): The ID of the change control. + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + params = 'key.id={}'.format(cc_id) + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig?' + params + self.log.debug('v6 {}'.format(cc_url)) + return self.clnt.delete(cc_url, timeout=self.request_timeout) + + def change_control_create_with_custom_stages(self, custom_cc=None): + ''' Create a Change Control with custom stage hierarchy using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + custom_cc (dict): A dictionary with the entire stage hierarchy. + Ex1: {'key': {'id': '409b94d1-c0cb-4d74-8f88-89f66f13f109'}, + 'change': {'name': 'Change_20211217_034338', + 'notes': 'cvprac CC', + 'rootStageId': 'root', + 'stages': {'values': {'root': {'name': 'root', + 'rows': {'values': [{'values': ['1-2']}, + {'values': ['3']}]}}, + '1-2': {'name': 'stages 1-2', + 'rows': {'values': [{'values': ['1ab']}, + {'values': ['2']}]}}, + '1a': {'action': {'args': {'values': {'TaskID': '1242'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 1a'}, + '1ab': {'name': 'stage 1ab', + 'rows': {'values': [{'values': ['1a', + '1b']}]}}, + '1b': {'action': {'args': {'values': {'TaskID': '1243'}}, + 'timeout': 3000}, + 'name': 'stage 1b'}, + '2': {'action': {'args': {'values': {'TaskID': '1240'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 2'}, + '3': {'action': {'args': {'values': {'TaskID': '1241'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 3'}, + }}}} + The above would result in the following hierarchy: + root (series) + |- stages 1-2 (series) + | |- stage 1ab (parallel) + | | |- stage 1a + | | |- stage 1b + | |- stage 2 + |- stage 3 + + Ex2 (MLAG ISSU): + {'key': {'id': 'PXs9cKimC'}, + 'change': {'name': 'Change 20211217_040530', + 'notes': '', + 'rootStageId': 'root', + 'stages': {'values': { 'root': {'name': 'Change 20211217_040530 Root', + 'rows': { + 'values': [{'values': ['left-leafs']}], + }}, + 'upgrade1': {'action': { + 'args': {'values': {'TaskID': '1242'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'Image Upgrade'}, + 'pre-mlag-check-l2': {'action': { + 'args': { + 'values': { + 'DeviceID': 'SN2'}}, + 'name': 'mlaghealthcheck'}, + 'name': 'Check MLAG Health'}, + 'left-leafs': {'name': 'left-leafs', + 'rows': { + 'values': [{'values': ['leaf1']}, + {'values': ['leaf2']}]}}, + 'upgrade2': {'action': {'args': { + 'values': {'TaskID': '1243'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'Image Upgrade'}, + 'pre-mlag-check-l1': {'action': { + 'args': { + 'values': { + 'DeviceID': 'SN1'}}, + 'name': 'mlaghealthcheck'}, + 'name': 'Check MLAG Health'}, + 'post-mlag-check-l2': {'action': { + 'args': { + 'values': { + 'DeviceID': 'SN1'}}, + 'name': 'mlaghealthcheck'}, + 'name': 'Check MLAG Health'}, + 'leaf1': {'name': 'leaf1', + 'rows': { + 'values': [{'values': [ + 'pre-mlag-check-l1']}, + {'values': [ + 'upgrade1']}, + {'values': [ + 'post-mlag-check-l1'], + }]}}, + 'post-mlag-check-l1': {'action': { + 'args': { + 'values': { + 'DeviceID': 'SN2'}}, + 'name': 'mlaghealthcheck'}, + 'name': 'Check MLAG Health'}, + 'leaf2': {'name': 'leaf2', + 'rows': {'values': [{'values': [ + 'pre-mlag-check-l2']}, + {'values': [ + 'upgrade2']}, + {'values': [ + 'post-mlag-check-l2'], + }]}}}}} + } + The above would result in the following hierarchy: + root (series) + |- left-leafs (series) + |- leaf1 (series) + | |- pre-mlag-check-l1 + | |- upgrade1 + | |- post-mlag-check-l1 + |- leaf2 (series) + |- pre-mlag-check-l1 + |- upgrade1 + |- post-mlag-check-l1 + + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'id':cc_id, + 'time': '...'} + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + payload = custom_cc + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig' + self.log.debug('v6 ' + str(cc_url) + ' ' + str(payload)) + return self.clnt.post(cc_url, data=payload) + + def change_control_create_for_tasks(self, cc_id, name, tasks, series=True): + ''' Create a simple Change Control for tasks using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + This function will create a change with either all Task actions in series or parallel. + For custom stage hierarchy the change_control_create_with_custom_stages() + should be used. + Args: + cc_id (string): The ID for the new change control. + name (string): The name for the new change control. + tasks (list): A list of Task IDs as strings + Ex: ['10', '11', '12'] + series (bool): A flag for running tasks in series or + in parallel. Defaults to True for running in series. + Returns: + response (dict): A dict that contains... + Ex: {'value': {'key': {'id':cc_id, + 'time': '...'} + ''' + stages = {'values': {'root': {'name': 'root', 'rows': {'values': []}}}} + if series: + for index, task in enumerate(tasks): + stage_id = 'stage%d' % index + stages['values']['root']['rows']['values'].append({'values': [stage_id]}) + stages['values'][stage_id] = { + 'action': { + 'args': { + 'values': { + 'TaskID': task, + }, + }, + 'name': 'task', + 'timeout': 3000, + }, + 'name': stage_id, + } + else: + stages['values']['root']['rows']['values'].append({'values': []}) + for index, task in enumerate(tasks): + stage_id = 'stage%d' % index + stages['values']['root']['rows']['values'][0]['values'].append(stage_id) + stages['values'][stage_id] = { + 'action': { + 'args': { + 'values': { + 'TaskID': task, + }, + }, + 'name': 'task', + 'timeout': 3000, + }, + 'name': stage_id, + } + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + payload = { + 'key': { + 'id': cc_id + }, + 'change': { + 'name': name, + 'rootStageId': 'root', + 'notes': 'randomString', + 'stages': stages + } + } + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig' + self.log.debug('v6 ' + str(cc_url) + ' ' + str(payload)) + return self.clnt.post(cc_url, data=payload, timeout=self.request_timeout) + + def change_control_start(self, cc_id, notes=""): + ''' Start a Change Control using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + Args: + cc_id (string): The ID for the new change control. + notes (string): An optional note. + Returns: + response (dict): A dict that contains... + Ex: {"value":{"key":{"id":cc_id}, "start":{"value":true, "notes":"note"}}, + "time":"2021-12-14T21:02:21.830306071Z"} + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + payload = { + "key": { + "id": cc_id + }, + "start": { + "value": True, + "notes": notes + } + } + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig' + self.log.debug('v6 ' + str(cc_url) + ' ' + str(payload)) + return self.clnt.post(cc_url, data=payload, timeout=self.request_timeout) + + def change_control_stop(self, cc_id, notes=""): + ''' Stop a Change Control using Resource APIs. + Supported versions: CVP 2021.2.0 or newer and CVaaS. + + Args: + cc_id (string): The ID for the new change control. + notes (string): An optional note. + Returns: + response (dict): A dict that contains... + Ex: {"value":{"key":{"id":cc_id}, "start":{"value":false, "notes":"note"}}, + "time":"2021-12-14T21:02:21.830306071Z"} + ''' + msg = 'Change Control Resource APIs are supported from 2021.2.0 or newer.' + # For on-prem check the version as it is only supported from 2021.2.0+ + if self.cvp_version_compare('>=', 6.0, msg): + payload = { + "key": { + "id": cc_id + }, + "start": { + "value": False, + "notes": notes + } + } + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig' + self.log.debug('v6 ' + str(cc_url) + ' ' + str(payload)) + return self.clnt.post(cc_url, data=payload, timeout=self.request_timeout) + + def change_control_schedule(self, cc_id, schedule_time, notes=""): + ''' Schedule a Change Control using Resource APIs. + Supported versions: CVP 2022.1.0 or newer and CVaaS. + + Args: + cc_id (string): The ID for the new change control. + schedule_time (string): rfc3339 time format, e.g: 2021-12-23T02:07:00.0Z + notes (string): An optional note. + Returns: + response (dict): A dict that contains... + Ex: {"value":{"key":{"id":"5821c7c1-e276-4387-b60a"}, + "schedule":{"value":"2021-12-23T02:07:00Z", + "notes":"CC schedule via curl"}}, + "time":"2021-12-23T02:06:18.739965204Z"} + ''' + msg = 'Change Control Scheduling via Resource APIs are supported from 2022.1.0 or newer.' + # For on-prem check the version as it is only supported from 2022.1.0+ + if self.cvp_version_compare('>=', 8.0, msg): + payload = { + "key": { + "id": cc_id + }, + "schedule": { + "value": schedule_time, + "notes": notes + } + } + cc_url = '/api/resources/changecontrol/v1/ChangeControlConfig' + self.log.debug('v8 ' + str(cc_url) + ' ' + str(payload)) + return self.clnt.post(cc_url, data=payload, timeout=self.request_timeout) + + def device_decommissioning(self, device_id, request_id): + ''' Decommission a device using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + device_id (string): Serial Number of the device. + request_id (string): Key identifies the request to decommission the device. + Recommended to generate uuid with str(uuid.uuid4()). + Returns: + response (dict): Returns None if the device is not found else returns A dict that contains... + Ex: {'value': {'key': {'requestId': '4a4ba5a2-9886-4cd5-84d6-bdaf85a9f091'}, + 'deviceId': 'BAD032986065E8DC14CBB6472EC314A6'}, + 'time': '2022-02-12T02:58:30.765459650Z'} + ''' + device_info = self.get_device_by_serial(device_id) + if device_info is not None and 'serialNumber' in device_info: + msg = 'Decommissioning via Resource APIs are supported from 2021.3.0 or newer.' + # For on-prem check the version as it is only supported from 2021.3.0+ + if self.cvp_version_compare('>=', 7.0, msg): + payload = { + "key": { + "request_id": request_id + }, + "device_id": device_id + } + url = '/api/resources/inventory/v1/DeviceDecommissioningConfig' + self.log.debug('v7 ' + str(url) + ' ' + str(payload)) + return self.clnt.post(url, data=payload, timeout=self.request_timeout) + else: + self.log.warning( + 'Device with %s serial number does not exist (or is not registered) to decommission' + % device_id) + return None + + def device_decommissioning_status_get_one(self, request_id): + ''' Get the decommission status of a device using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + request_id (string): key identifies the request to decommission the device + Returns: + response (dict): A dict that contains... + Ex:{"result":{"value":{"key":{"requestId":"123456789"}, + "status":"DECOMMISSIONING_STATUS_IN_PROGRESS", + "statusMessage":"Disabled TerminAttr, waiting for device to be marked inactive"}, + "time":"2022-02-04T19:41:46.376310308Z","type":"INITIAL"}} + ''' + msg = 'Decommissioning via Resource APIs are supported from 2021.3.0 or newer.' + # For on-prem check the version as it is only supported from 2021.3.0+ + if self.cvp_version_compare('>=', 7.0, msg): + params = 'key.requestId={}'.format(request_id) + url = '/api/resources/inventory/v1/DeviceDecommissioning?' + params + self.log.debug('v7 ' + str(url)) + return self.clnt.get(url, timeout=self.request_timeout) + + def device_decommissioning_status_get_all(self, status="DECOMMISSIONING_STATUS_UNSPECIFIED"): + ''' Get the decommissioning status of all devices using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + status (enum): By default it will get the decommissioning status for all devices. + Possible values: + "DECOMMISSIONING_STATUS_UNSPECIFIED" or 0, + "DECOMMISSIONING_STATUS_IN_PROGRESS" or 1, + "DECOMMISSIONING_STATUS_FAILURE" or 2, + "DECOMMISSIONING_STATUS_SUCCESS" or 3 + Returns: + response (dict): A dict that contains... + Ex: {"result":{"value":{"key":{"requestId":"123456789"}, + "status":"DECOMMISSIONING_STATUS_IN_PROGRESS", + "statusMessage":"Disabled TerminAttr, waiting for device to be marked inactive"}, + "time":"2022-02-04T19:41:46.376310308Z","type":"INITIAL"}} + ''' + msg = 'Decommissioning via Resource APIs are supported from 2021.3.0 or newer.' + # For on-prem check the version as it is only supported from 2021.3.0+ + if self.cvp_version_compare('>=', 7.0, msg): + payload = { + "partialEqFilter": [ + { + "status": status, + } + ] + } + url = '/api/resources/inventory/v1/DeviceDecommissioning/all' + self.log.debug('v7 ' + str(url)) + return self.clnt.post(url, data=payload, timeout=self.request_timeout) + + def add_role(self, name, description, moduleList): + ''' Add new local role to the CVP UI. + Args: + name (str): local role name on CVP + description (str): role description + moduleList (list): list of modules (name (str) and mode (str)) + ''' + data = {"name": name, + "description": description, + "moduleList": moduleList} + return self.clnt.post('/role/createRole.do', data=data, + timeout=self.request_timeout) + + def update_role(self, rolekey, name, description, moduleList): + ''' Updates role information, like + role name, description and role modules. + Args: + rolekey (str): local role key on CVP + name (str): local role name on CVP + description (str): role description + moduleList (list): list of modules (name (str) and mode (str)) + ''' + data = {"key": rolekey, + "name": name, + "description": description, + "moduleList": moduleList} + return self.clnt.post('/role/updateRole.do', data=data, + timeout=self.request_timeout) + + def get_role(self, rolekey): + ''' Returns specified role information. + Args: + rolekey (str): role key on CVP + Returns: + response (dict): Returns a dict that contains the role. + Ex: {'name': 'Test Role', 'key': 'role_1599019487020581247', 'description': 'Test'...} + ''' + return self.clnt.get('/role/getRole.do?roleId={}'.format(rolekey), + timeout=self.request_timeout) + + def get_roles(self): + ''' Get all the user roles in CloudVision. + Returns: + response (dict): Returns a dict that contains all the user role states.. + Ex: {'total': 7, 'roles': [{'name': 'Test Role', 'key': 'role_1599019487020581247', + 'description': 'Test'...}]} + ''' + url = '/role/getRoles.do?startIndex=0&endIndex=0' + return self.clnt.get(url, timeout=self.request_timeout) + + def delete_role(self, rolekey): + ''' Remove specified role from CVP + Args: + rolekey (str): role key on CVP + ''' + data = [rolekey] + return self.delete_roles(data) + + def delete_roles(self, rolekeys): + ''' Remove specified roles from CVP + Args: + rolekeys (list): list of role keys (str) on CVP + ''' + return self.clnt.post('/role/deleteRoles.do', data=rolekeys, + timeout=self.request_timeout) + + def svc_account_token_get_all(self): + ''' Get all service account token states using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Returns: + response (list): Returns a list of dictionaries that contains... + Ex: [{'value': {'key': {'id': 'randomId'}, 'user': 'string', + 'description': 'string','valid_until': '2022-11-02T06:58:53Z', + 'created_by': 'string', 'last_used': None}, + 'time': '2022-05-03T15:38:53.725014447Z', 'type': 'INITIAL'}, ...] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + url = '/api/v3/services/arista.serviceaccount.v1.TokenService/GetAll' + self.log.debug('v7 {}'.format(url)) + return self.clnt.post(url) + + def svc_account_token_get_one(self, token_id): + ''' Get a service account token's state using Resource APIs + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Returns: + response (list): Returns a list of dict that contains... + Ex: [{'value': {'key': {'id': 'randomId'}, 'user': 'string', + 'description': 'string', 'valid_until': '2022-11-02T06:58:53Z', + 'created_by': 'cvpadmin', 'last_used': None}, + 'time': '2022-05-03T15:38:53.725014447Z', 'type': 'INITIAL'}] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + payload = {"key": {"id": token_id}} + url = '/api/v3/services/arista.serviceaccount.v1.TokenService/GetOne' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_token_delete(self, token_id): + ''' Delete a service account token using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + token_id (string): The id of the service account token. + Returns: + response (list): Returns a list of dict that contains the time of deletion: + Ex: [{'key': {'id': '<token_id>'}, + 'time': '2022-07-26T15:29:03.687167871Z'}] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + payload = {"key": {"id": token_id}} + url = '/api/v3/services/arista.serviceaccount.v1.TokenConfigService/Delete' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_token_set(self, username, duration, description): + ''' Create a service account token using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + username (string): The service account username for which the token will be + generated. + duration (string): The validity of the service account in seconds e.g.: "20000s" + The maximum value is 1 year in seconds e.g.: "31536000s" + description (string): The description of the service account token. + Returns: + response (list): Returns a list of dict that contains the token: + Ex: [{'value': {'key': {'id': '<userId>'}, 'user': 'ansible', + 'description': 'cvprac test', + 'valid_for': '550s', 'token': '<ey...>'}] + ''' + payload = {'value': {'description': description, + 'user': username, + 'valid_for': duration}} + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + url = '/api/v3/services/arista.serviceaccount.v1.TokenConfigService/Set' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_get_all(self): + ''' Get all service account states using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Returns: + response (list): Returns a list of dictionaries that contains... + Ex: [{'value': {'key': {'name': 'ansible'}, 'status': 'ACCOUNT_STATUS_ENABLED', + 'description': 'lab-tests', 'groups': {'values': ['network-admin']}}, + 'time': '2022-02-10T04:28:14.251684869Z', 'type': 'INITIAL'}, ...] + + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + url = '/api/v3/services/arista.serviceaccount.v1.AccountService/GetAll' + self.log.debug('v7 {} '.format(url)) + return self.clnt.post(url) + + def svc_account_get_one(self, username): + ''' Get a service account's state using Resource APIs + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + username (string): The service account username. + Returns: + response (list): Returns a list of dict that contains... + Ex: [{'value': {'key': {'name': 'ansible'}, 'status': 'ACCOUNT_STATUS_ENABLED', + 'description': 'lab-tests', 'groups': {'values': ['network-admin']}}, + 'time': '2022-02-10T04:28:14.251684869Z'}] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + payload = {"key": {"name": username}} + url = '/api/v3/services/arista.serviceaccount.v1.AccountService/GetOne' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_set(self, username, description, roles, status): + ''' Create a service account using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + username (string): The service account username. + description (string): The description of the service account. + roles (list): The list of role IDs. Default roles have a human readable name, + e.g.: 'network-admin', 'network-operator'; + other roles will have the format of 'role_<unix_timestamp>', + e.g. 'role_1658850344592739349'. + cvprac automatically converts non-default role names to role IDs. + status (enum): The status of the service account. Possible values: + 0 or 'ACCOUNT_STATUS_UNSPECIFIED' + 1 or 'ACCOUNT_STATUS_ENABLED' + 2 or 'ACCOUNT_STATUS_DISABLED' + Returns: + response (list): Returns a list of dict that contains... + Ex: [{'value': {'key': {'name': 'cvprac2'}, 'status': 'ACCOUNT_STATUS_ENABLED', + 'description': 'testapi', 'groups': {'values': + ['network-admin', 'role_1658850344592739349']}}, + 'time': '2022-07-26T18:19:55.392173445Z'}] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + role_ids = [] + all_roles = self.get_roles() + for role in all_roles['roles']: + if role['key'] in roles or role['name'] in roles: + role_ids.append(role['key']) + if len(roles) != len(role_ids): + self.log.warning('Not all provided roles {} are valid. ' + 'Only using the found valid roles {}'.format(roles, role_ids)) + + payload = {'value': {'description': description, + 'groups': {'values': role_ids}, + 'key': {'name': username}, + 'status': status}} + url = '/api/v3/services/arista.serviceaccount.v1.AccountConfigService/Set' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_delete(self, username): + ''' Delete a service account using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Args: + username (string): The service account username. + Returns: + response (list): Returns a list of dict that contains the time of deletion: + Ex: [{'key': {'name': 'cvprac2'}, + 'time': '2022-07-26T18:26:53.637425846Z'}] + ''' + msg = 'Service Account Resource APIs are supported from 2021.3.0+.' + if self.cvp_version_compare('>=', 7.0, msg): + payload = {"key": {"name": username}} + url = '/api/v3/services/arista.serviceaccount.v1.AccountConfigService/Delete' + self.log.debug('v7 {} {}'.format(url, payload)) + return self.clnt.post(url, data=payload) + + def svc_account_delete_expired_tokens(self): + ''' Delete all service account tokens using Resource APIs. + Supported versions: CVP 2021.3.0 or newer and CVaaS. + Returns: + response (list): Returns a list of dict that contains the list of tokens + that were deleted: + Ex: [{'value': {'key': {'id': '091f48a2808'},'user': 'cvprac3', + 'description': 'cvprac test', 'valid_until': '2022-07-26T18:31:18Z', + 'created_by': 'cvpadmin', 'last_used': None}, + 'time': '2022-07-26T18:30:28.022504853Z','type': 'INITIAL'}, + {'value': {'key': {'id': '2f6325d9c'},...] + ''' + tokens = self.svc_account_token_get_all() + expired_tokens = [] + for tok in tokens: + token = tok['value'] + if datetime.strptime(token['valid_until'], "%Y-%m-%dT%H:%M:%SZ") < datetime.utcnow(): + self.svc_account_token_delete(token['key']['id']) + expired_tokens.append(tok) + return expired_tokens diff --git a/cvprac/cvp_client.py b/cvprac/cvp_client.py new file mode 100644 index 0000000..0d901b7 --- /dev/null +++ b/cvprac/cvp_client.py @@ -0,0 +1,1018 @@ +# +# Copyright (c) 2017, Arista Networks, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# Neither the name of Arista Networks nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +''' RESTful API Client class for Cloudvision(R) Portal + +This module provides a RESTful API client for Cloudvision(R) Portal (CVP) +which can be used for building applications that work with Arista CVP. + +When the class is instantiated the logging is configured. Either syslog, +file logging, both, or none can be enabled. If neither syslog nor filename is +specified then no logging will be performed. + +This class supports creating a connection to a CVP node and then issuing +subsequent GET and POST requests to CVP. A GET or POST request will be +automatically retried on the same node if the request receives a +requests.exceptions.Timeout or ReadTimeout error. A GET or POST request will +be automatically retried on the same node if the request receives a +CvpSessionLogOutError. For this case a login will be performed before the +request is retried. For either case, the maximum number of times a request +will be retried on the same node is specified by the class attribute +NUM_RETRY_REQUESTS. + +If more than one CVP node is specified when creating a connection, and a GET +or POST request that receives a requests.exceptions.ConnectionError, +requests.exceptions.HTTPError, or a requests.exceptions.TooManyRedirects will +be retried on the next CVP node in the list. If a GET or POST request that +receives a requests.exceptions.Timeout or CvpSessionLogOutError and the retries +on the same node exceed NUM_RETRY_REQUESTS, then the request will be retried +on the next node on the list. + +If any of the errors persists across all nodes then the GET or POST request +will fail and the last error that occurred will be raised. + +The class provides connect, get, and post methods that allow the user to make +direct RESTful API calls to CVP. + +Example: + + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(['cvp1', 'cvp2', 'cvp3'], 'cvp_user', 'cvp_word') + >>> result = clnt.get('/cvpInfo/getCvpInfo.do') + >>> print result + {u'version': u'2016.1.0'} + >>> + +The class provides a wrapper function around the CVP RESTful API operations. +Each API method takes the RESTful API parameters as method parameters to the +operation method. The API class was added to the client class because the +API functions are required when using the CVP RESTful API and placing them +in this library avoids duplicating the calls in every application that uses +this class. + +Example: + + >>> from cvprac.cvp_client import CvpClient + >>> clnt = CvpClient() + >>> clnt.connect(['cvp1', 'cvp2', 'cvp3'], 'cvp_user', 'cvp_word') + >>> result = clnt.api.get_cvp_info() + >>> print result + {u'version': u'2016.1.0'} + >>> +''' + +import os +import re +import json +import logging +from logging.handlers import SysLogHandler +from itertools import cycle +from pkg_resources import parse_version + +import requests +from requests.exceptions import ConnectionError, HTTPError, Timeout, \ + ReadTimeout, TooManyRedirects, JSONDecodeError + +from cvprac.cvp_api import CvpApi +from cvprac.cvp_client_errors import CvpApiError, CvpLoginError, \ + CvpRequestError, CvpSessionLogOutError + + +class CvpClient(object): + ''' Use this class to create a persistent connection to CVP. + ''' + # pylint: disable=too-many-instance-attributes + # Maximum number of times to retry a get or post to the same + # CVP node. + NUM_RETRY_REQUESTS = 3 + LATEST_API_VERSION = 8.0 + + def __init__(self, logger='cvprac', syslog=False, filename=None, + log_level='INFO'): + ''' Initialize the client and configure logging. Either syslog, file + logging, both, or none can be enabled. If neither syslog + nor filename is specified then no logging will be performed. + + Args: + logger (str): The name assigned to the logger. + syslog (bool): If True enable logging to syslog. Default is + False. + filename (str): Log to the file specified by filename. Default + is None. + log_level (str): Log level to use for logger. Default is INFO. + ''' + self.apiversion = None + self.authdata = None + self.cert = False + self.connect_timeout = None + self.cookies = None + self.error_msg = '' + self.node_cnt = None + self.node_pool = None + self.nodes = None + self.port = None + self.protocol = None + self.session = None + self.url_prefix = None + self.url_prefix_short = None + self.is_cvaas = False + self.tenant = None + self.cvaas_token = None + self.api_token = None + self.version = None + self._last_used_node = None + self.proxies = None + + # Save proper headers + self.headers = {'Accept': 'application/json', + 'Content-Type': 'application/json'} + + self.log = logging.getLogger(logger) + self.set_log_level(log_level) + if syslog: + # Enables sending logging messages to the local syslog server. + self.log.addHandler(SysLogHandler()) + if filename: + # Enables sending logging messages to a file. + self.log.addHandler(logging.FileHandler(filename)) + if syslog is False and filename is None: + # Not logging so use the null handler + self.log.addHandler(logging.NullHandler()) + + # Instantiate the CvpApi class + self.api = CvpApi(self) + + @property + def last_used_node(self): + ''' Returns the node that the last request was sent to regardless of + whether the request was successful or not. + + Returns: + String identifying the node that the last request was sent to. + ''' + return self._last_used_node + + def set_log_level(self, log_level='INFO'): + ''' Set log level for logger. Defaults to INFO if no level passed in or + if an invalid level is passed in. + + Args: + log_level (str): Log level to use for logger. Default is INFO. + ''' + log_level = log_level.upper() + if log_level not in ['NOTSET', 'DEBUG', 'INFO', + 'WARNING', 'ERROR', 'CRITICAL']: + log_level = 'INFO' + self.log.setLevel(getattr(logging, log_level)) + + def set_version(self, version): + ''' Set the CVP API version to be used when making api calls. + + For CVP versions 2018.1.X and prior, use api version 1.0 + For CVP versions 2018.2.X, use api version 2.0 + For CVP versions 2019.0.0 through 2020.1.0, use api version 3.0 + For CVP versions 2020.1.1 through 2020.2.3, use api version 4.0 + For CVP versions 2020.2.4 through 2021.1.x, use api version 5.0 + For CVP versions 2021.2.x, use api version 6.0 + For CVP versions 2021.3.x, use api version 7.0 + For CVP versions 2022.1.0 and beyond, use api version 8.0 + + Args: + version (str): The CVP version in use. + ''' + self.version = version + self.log.info('Version %s', version) + # Set apiversion to latest available API version for CVaaS + # Set apiversion to 8.0 for 2022.1.x + # Set apiversion to 7.0 for 2021.3.x + # Set apiversion to 6.0 for 2021.2.x + # Set apiversion to 5.0 for 2020.2.4 through 2021.1.x + # Set apiversion to 4.0 for 2020.1.1 through 2020.2.3 + # Set apiversion to 3.0 for 2019.0.0 through 2020.1.0 + # Set apiversion to 2.0 for 2018.2.X + # Set apiversion to 1.0 for 2018.1.X and prior + if self.is_cvaas: + self.log.info('Setting API version to %d for CVaaS', + self.LATEST_API_VERSION) + self.apiversion = self.LATEST_API_VERSION + else: + version_components = version.split(".") + if len(version_components) < 3: + version_components.append("0") + self.log.info('Version found with less than 3 components.' + ' Appending 0. Updated Version String - %s', + ".".join(version_components)) + full_version = ".".join(version_components) + if parse_version(full_version) >= parse_version('2022.1.0'): + self.log.info('Setting API version to v8') + self.apiversion = 8.0 + elif parse_version(full_version) >= parse_version('2021.3.0'): + self.log.info('Setting API version to v7') + self.apiversion = 7.0 + elif parse_version(full_version) >= parse_version('2021.2.0'): + self.log.info('Setting API version to v6') + self.apiversion = 6.0 + elif parse_version(full_version) >= parse_version('2020.2.4'): + self.log.info('Setting API version to v5') + self.apiversion = 5.0 + elif parse_version(full_version) >= parse_version('2020.1.1'): + self.log.info('Setting API version to v4') + self.apiversion = 4.0 + elif parse_version(full_version) >= parse_version('2019.0.0'): + self.log.info('Setting API version to v3') + self.apiversion = 3.0 + elif parse_version(full_version) >= parse_version('2018.2.0'): + self.log.info('Setting API version to v2') + self.apiversion = 2.0 + else: + self.log.info('Setting API version to v1') + self.apiversion = 1.0 + + def connect(self, nodes, username, password, connect_timeout=10, + request_timeout=30, protocol='https', port=None, cert=False, + is_cvaas=False, tenant=None, api_token=None, cvaas_token=None, + proxies=None): + ''' Login to CVP and get a session ID and cookie. Currently + certificates are not verified if the https protocol is specified. A + warning may be printed out from the requests module for this case. + + Args: + nodes (list): A list of hostname/IP addresses for CVP nodes + username (str): The CVP username + password (str): The CVP password + connect_timeout (int): The number of seconds to wait for a + connection. + request_timeout (int): The default number of seconds to allow + api requests to complete before timing out. + protocol (str): The protocol to use to connect to CVP. + THIS PARAMETER IS NOT USED AND WILL BE DEPRECATED. + ONLY INCLUDED TO NOT BREAK EXISTING CODE THAT HAS PROTOCOL + SPECIFIED IN CONNECTION. + port (int): The TCP port of the endpoint for the connection. + If this keyword is not specified, the default value is + automatically determined by the transport type. + (http=80, https=443) + cert (str or boolean): Path to a cert file used for a https + connection or boolean with default False. If a cert is + provided then the connection will not attempt to fallback + to http. The False default sets the request to not verify + the servers TLS certificate. + is_cvaas (boolean): Flag for enabling connection to CVaaS. + tenant: (string): Tenant/Org within CVaaS to connect to. + Required if is_cvaas is enabled. + cvaas_token (string): API Token to use in place of UN/PW login + for CVaaS. + api_token (string): API Token to use in place of UN/PW login + for CVP 2020.3.0 and beyond. + proxies (dict): A dictionary of proxy protocol to URL. Example: + + {'http': 'hostname.domain.com:8080', + 'https': 'hostname.domain.com:8080'} + + Proxies can also be set via environment variables. + Please reference the below link for details of precedence. + https://requests.readthedocs.io/en/latest/user/advanced/#proxies + + Raises: + CvpLoginError: A CvpLoginError is raised if a connection + could not be established to any of the nodes. + TypeError: A TypeError is raised if the nodes argument is not + a list. + ValueError: A ValueError is raised if a port is not specified + and the protocol is not http or https. + ''' + # pylint: disable=too-many-arguments + if not isinstance(nodes, list): + raise TypeError('nodes argument must be a list') + + for idx, _ in enumerate(nodes): + if (os.environ.get('CURRENT_NODE_IP') and + nodes[idx] in ['127.0.0.1', 'localhost']): + # We set this env in script-executor container. + # Mask localhost or 127.0.0.1 with node IP if this + # is called from configlet builder scripts. + nodes[idx] = os.environ.get('CURRENT_NODE_IP') + + self.cert = cert + self.nodes = nodes + self.node_cnt = len(nodes) + self.node_pool = cycle(nodes) + self.authdata = {'userId': username, 'password': password} + self.connect_timeout = connect_timeout + self.api.request_timeout = request_timeout + # protocol is deprecated and not used. + self.protocol = protocol + self.port = port + self.is_cvaas = is_cvaas + self.tenant = tenant + if cvaas_token is not None: + self.log.warning('The cvaas_token parameter will be deprecated' + ' soon. Please start using the api_token' + ' parameter instead. It provides the same' + ' functionality that was previously provided' + ' by cvaas_token. The api_token parameter is' + ' a more general API token parameter because' + ' using the CVP REST API via token is also' + ' available for on premises CVP as of' + ' CVP version 2020.3.0') + self.cvaas_token = cvaas_token + self.api_token = cvaas_token + if api_token is not None: + self.log.warning('Using the new api_token parameter.' + ' This will override usage of the cvaas_token' + ' parameter if both are provided. This is because' + ' api_token and cvaas_token parameters are for' + ' the same use case and api_token is more' + ' generic') + self.api_token = api_token + self.cvaas_token = api_token + self.proxies = proxies + self._create_session(all_nodes=True) + # Verify that we can connect to at least one node + if not self.session: + raise CvpLoginError(self.error_msg) + + def _create_session(self, all_nodes=False): + ''' Login to CVP and get a session ID and user information. + If the all_nodes parameter is True then try creating a session + with each CVP node. If False, then try creating a session with + each node except the one currently connected to. + ''' + num_nodes = self.node_cnt + if not all_nodes and num_nodes > 1: + num_nodes -= 1 + + self.error_msg = '\n' + for _ in range(0, num_nodes): + host = next(self.node_pool) + self.url_prefix = ('https://%s:%d/web' % (host, self.port or 443)) + self.url_prefix_short = ('https://%s:%d' + % (host, self.port or 443)) + error = self._reset_session() + if error is None: + break + self.error_msg += '%s: %s\n' % (host, error) + + def _reset_session(self): + ''' Get a new request session and try logging into the current + CVP node. If the login succeeded None will be returned and + self.session will be valid. If the login failed then an + exception error will be returned and self.session will + be set to None. + ''' + self.session = requests.Session() + if self.proxies: + self.session.proxies.update(self.proxies) + return_error = None + try: + self._login() + except (ConnectionError, CvpApiError, CvpRequestError, + CvpSessionLogOutError, HTTPError, ReadTimeout, Timeout, + TooManyRedirects) as error: + self.log.error(error) + # Use outer scope var for return to handle + # Python 3 UnboundLocalError + return_error = error + # Any error that occurs during login is a good reason not to use + # this CVP node. + self.session = None + return return_error + + def _is_good_response(self, response, prefix): + ''' Check for errors in a response from a GET or POST request. + The response argument contains a response object from a GET or POST + request. The prefix argument contains the prefix to put into the + error message. + + Raises: + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + ''' + if not response.ok: + if 'Unauthorized' in response.reason: + # Check for 'Unauthorized' User error because this is how + # CVP responds to a logged out users requests in 2018.x. + msg = '%s: Request Error: %s' % (prefix, response.reason) + self.log.error(msg) + raise CvpApiError(msg) + if 'User is unauthorized' in response.text: + # Check for 'User is unauthorized' response text because this + # is how CVP responds to a logged out users requests in 2019.x. + msg = '%s: Request Error: User is unauthorized' % prefix + self.log.error(msg) + raise CvpApiError(msg) + else: + msg = '%s: Request Error: %s - %s' % (prefix, response.reason, + response.text) + self.log.error(msg) + raise CvpRequestError(msg) + + if 'LOG OUT MESSAGE' in response.text: + msg = ('%s: Request Error: session logged out' % prefix) + raise CvpSessionLogOutError(msg) + + joutput = json_decoder(response.text) + err_code_val = self._finditem(joutput, 'errorCode') + if err_code_val: + if 'errorMessage' in joutput: + err_msg = joutput['errorMessage'] + else: + if 'errors' in joutput: + error_list = joutput['errors'] + else: + error_list = [joutput['errorCode']] + # Build the error message from all the errors. + err_msg = error_list[0] + for idx in range(1, len(error_list)): + err_msg = '%s\n%s' % (err_msg, error_list[idx]) + + msg = ('%s: Request Error: %s' % (prefix, err_msg)) + self.log.error(msg) + raise CvpApiError(msg) + + def _check_response_status(self, response, prefix): + ''' Check for status OK in a response from a GET or POST request. + The response argument contains a response object from a GET or POST + request. The prefix argument contains the prefix to put into the + error message. + + Raises: + CvpRequestError: A CvpRequestError is raised if request + response status is not OK. + ''' + if not response.ok: + msg = '%s: Request Error: %s - %s' % (prefix, response.reason, + response.text) + self.log.error(msg) + raise CvpRequestError(msg) + + def _login(self): + ''' Make a POST request to CVP login authentication. + An error can be raised from the post method call or the + _is_good_response method call. Any errors raised would be a good + reason not to use this host. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum redirections + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get or post + request failed and no session could be established to a + CVP node. Destroy the class and re-instantiate. + ''' + # Remove any previous session id from the headers + self.headers.pop('APP_SESSION_ID', None) + if self.api_token is not None: + return self._set_headers_api_token() + elif self.is_cvaas: + raise CvpLoginError('CVaaS only supports API token authentication.' + ' Please create an API token and provide it' + ' via the api_token parameter in combination' + ' with the is_cvaas parameter') + return self._login_on_prem() + + def _login_on_prem(self): + ''' Make a POST request to CVP login authentication. + An error can be raised from the post method call or the + _is_good_response method call. Any errors raised would be a good + reason not to use this host. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum redirections + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get or post + request failed and no session could be established to a + CVP node. Destroy the class and re-instantiate. + ''' + url = self.url_prefix + '/login/authenticate.do' + response = self.session.post(url, + data=json.dumps(self.authdata), + headers=self.headers, + timeout=self.connect_timeout, + verify=self.cert) + self._is_good_response(response, 'Authenticate: %s' % url) + + self.cookies = response.cookies + self.headers['APP_SESSION_ID'] = response.json()['sessionId'] + + def _set_headers_api_token(self): + ''' Sets headers with API token instead of making a call to login API. + ''' + # If using an API token there is no need to run a Login API. + # Simply add the token into the headers or cookies + self.headers['Authorization'] = 'Bearer %s' % self.api_token + # Alternative to adding token to headers it can be added to + # cookies as shown below. + # self.cookies = {'access_token': self.api_token} + + def logout(self): + ''' + + :return: + ''' + response = self.post('/login/logout.do') + if response['data'] == 'success': + self.log.info('User logged out.') + self.session = None + else: + err = 'Error trying to logout %s' % response + self.log.error(err) + + def _make_request(self, req_type, url, timeout, data=None, + files=None): + ''' Make a GET, POST or DELETE request to CVP. If the request call raises a + timeout or CvpSessionLogOutError then the request will be retried + on the same CVP node. Otherwise the request will be tried on the + next CVP node. + + Args: + req_type (str): Either 'GET', 'POST' or 'DELETE'. + url (str): Portion of request URL that comes after the host. + timeout (int): Number of seconds the client will wait between + bytes sent from the server. + data (dict): Dict of key/value pairs to pass as parameters into + the request. Default is None. + files (dict): Dict of file name to files for upload. Currently + only used for adding images to CVP. Default is None. + + Returns: + The JSON response. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum re-directions + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get, post + or delete request failed and no session could be + established to a CVP node. Destroy the class and + re-instantiate. + JSONDecodeError: A JSONDecodeError is raised when the response + content contains invalid JSON. Potentially in the case of + Resource APIs that will return Stream JSON format with + multiple object or in the case where the response contains + incomplete JSON. + ''' + # pylint: disable=too-many-branches + # pylint: disable=too-many-statements + # pylint: disable=too-many-arguments + # pylint: disable=raising-bad-type + if not self.session: + raise ValueError('No valid session to CVP node') + # Keep note of which node is handling this request. + self._last_used_node = re.match('http[s]?://(.*):', + self.url_prefix).group(1) + # Retry the request for the number of nodes. + response = None + for node_num in range(self.node_cnt): + # Set full URL based on current node + if '/api/' in url or '/cvpservice/' in url: + full_url = self.url_prefix_short + url + elif self.is_cvaas: + # For CVaaS use cvpservice instead of web or api + full_url = self.url_prefix_short + '/cvpservice' + url + else: + full_url = self.url_prefix + url + try: + response = self._send_request(req_type, full_url, timeout, + data, files) + except CvpApiError as error: + # If this is not an Unauthorized CvpApiError raise the error + # 'Unauthorized' is for 2018.x + # 'User is unauthorized' is for 2019.x + if ('Unauthorized' not in error.msg and + 'User is unauthorized' not in error.msg): + raise error + # If this is the final CVP node raise error + if node_num + 1 == self.node_cnt: + raise error + # Create a new session to retry on another CVP node. + self._create_session() + # Verify that we can connect to at least one node + # otherwise raise the last error + if not self.session: + raise error + continue + except (ConnectionError, HTTPError, TooManyRedirects, ReadTimeout, + Timeout, CvpSessionLogOutError) as error: + # If this is the final CVP node raise error + if node_num + 1 == self.node_cnt: + raise error + # Create a new session to retry on another CVP node. + self._create_session() + # Verify that we can connect to at least one node + # otherwise raise the last error + if not self.session: + raise error + continue + break + + if not response: + self.log.debug('Received no response for request %s %s', + req_type, url) + return None + + # Added check for response.content being 'null' because of the + # service account APIs being a special case /services/ API that + # returns a null string for no objects instead of an empty string. + if not response.content or response.content == b'null': + return {'data': []} + + try: + resp_data = response.json() + if (resp_data is not None and 'result' in resp_data + and '/resources/' in full_url): + # Resource APIs use JSON streaming and will return + # multiple JSON objects during GetAll type API + # calls. We are wrapping the multiple objects into + # a key "data" and we also return a dictionary with + # key "data" as an empty dict for no data. This + # checks and keeps consistent the "data" key wrapper + # for a Resource API GetAll that returns a single + # object. + return {'data': [resp_data]} + return resp_data + except JSONDecodeError as error: + # Truncate long error messages + err_str = str(error) + if len(err_str) > 700: + err_str = f"{err_str[:300]}[... truncated ...]" \ + f" {err_str[-300:]}" + self.log.debug('Error trying to decode request response - %s', + err_str) + if 'Extra data' in str(error): + self.log.debug('Found multiple objects or NO objects in' + 'response data. Attempt to decode') + decoded_data = json_decoder(response.text) + return {'data': decoded_data} + else: + self.log.error('Unknown format for JSONDecodeError - %s', + err_str) + raise error + + def _send_request(self, req_type, full_url, timeout, data=None, + files=None): + ''' Make a GET, POST or DELETE request to CVP. If the request call + raises a timeout or CvpSessionLogOutError then the request will be + retried on the same CVP node. Otherwise the request will be tried + on the next CVP node. + + Args: + req_type (str): Either 'GET', 'POST' or 'DELETE'. + full_url (str): Portion of request URL that comes after the + host. + timeout (int): Number of seconds the client will wait between + bytes sent from the server. + data (dict): Dict of key/value pairs to pass as parameters into + the request. Default is None. + files (dict): Dict of file name to files for upload. Currently + only used for adding images to CVP. Default is None. + + Returns: + The JSON response. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum re-directions + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get, post + or delete request failed and no session could be + established to a CVP node. Destroy the class and + re-instantiate. + ''' + # pylint: disable=too-many-branches + # pylint: disable=too-many-statements + # pylint: disable=too-many-arguments + # pylint: disable=raising-bad-type + # For get or post requests apply both the connect and read timeout. + timeout = (self.connect_timeout, timeout) + for req_try in range(self.NUM_RETRY_REQUESTS): + try: + if req_type == 'GET': + response = self.session.get(full_url, + cookies=self.cookies, + headers=self.headers, + timeout=timeout, + verify=self.cert) + elif req_type == 'POST': + if files is None: + response = self.session.post(full_url, + cookies=self.cookies, + data=json.dumps(data), + headers=self.headers, + timeout=timeout, + verify=self.cert) + else: + fhs = dict() + fhs['Accept'] = self.headers['Accept'] + if 'APP_SESSION_ID' in self.headers: + fhs['APP_SESSION_ID'] = self.headers[ + 'APP_SESSION_ID'] + if 'Authorization' in self.headers: + fhs['Authorization'] = self.headers[ + 'Authorization'] + response = self.session.post(full_url, + cookies=self.cookies, + headers=fhs, + timeout=timeout, + verify=self.cert, + files=files) + elif req_type == 'DELETE': + response = self.session.delete(full_url, + cookies=self.cookies, + data=json.dumps(data), + headers=self.headers, + timeout=timeout, + verify=self.cert) + except (ConnectionError, HTTPError, TooManyRedirects) as error: + # Any of these errors is a good reason to try another CVP node + self.log.error(error) + raise error + except (ReadTimeout, Timeout) as error: + self.log.debug(error) + # If there was a timeout and this is not the final try, + # retry this request to the same node. If this is the final + # try raise the error so another CVP node can be tried + if req_try + 1 == self.NUM_RETRY_REQUESTS: + raise error + continue + + try: + self._is_good_response(response, '%s: %s ' % + (req_type, full_url)) + except CvpSessionLogOutError as error: + self.log.debug(error) + # Retry the request to the same node if there was a CVP session + # logout. Reset the session which will login. If a valid + # session comes back then clear the error so this request will + # be retried on the same node. + if req_try + 1 == self.NUM_RETRY_REQUESTS: + raise error + else: + self._reset_session() + if not self.session: + raise error + continue + except CvpApiError as error: + self.log.debug(error) + if ('Unauthorized' in error.msg or + 'User is unauthorized' in error.msg): + # Retry the request to the same node if there was an + # Unauthorized User error because this is how CVP responds + # to a logged out users requests in 2017.1. + # Check for 'User is unauthorized' in error because this is + # how CVP responds to a logged out user requests in 2019.x. + # Reset the session which will login. If a valid + # session comes back then clear the error so this request + # will be retried on the same node. + if req_try + 1 == self.NUM_RETRY_REQUESTS: + raise error + else: + self._reset_session() + if not self.session: + raise error + continue + else: + # pylint: disable=raising-bad-type + raise error + return response + + def get(self, url, timeout=30): + ''' Make a GET request to CVP. If the request call raises an error + or if the JSON response contains a CVP session related error then + retry the request on another CVP node. + + Args: + url (str): Portion of request URL that comes after the host. + timeout (int): Number of seconds the client will wait between + bytes sent from the server. Default value is 30 seconds. + + Returns: + The JSON response. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum re-directions + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get, post + or delete request failed and no session could be + established to a CVP node. Destroy the class and + re-instantiate. + ''' + return self._make_request('GET', url, timeout) + + def post(self, url, data=None, files=None, timeout=30): + ''' Make a POST request to CVP. If the request call raises an error + or if the JSON response contains a CVP session related error then + retry the request on another CVP node. + + Args: + url (str): Portion of request URL that comes after the host. + data (dict): Dict of key/value pairs to pass as parameters into + the request. Default is None. + files (dict): Dict of file name to files for upload. Currently + only used for adding images to CVP. Default is None. + timeout (int): Number of seconds the client will wait between + bytes sent from the server. Default value is 30 seconds. + + Returns: + The JSON response. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum re-directions + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get, post + or delete request failed and no session could be + established to a CVP node. Destroy the class and + re-instantiate. + ''' + return self._make_request('POST', url, timeout, data=data, files=files) + + def delete(self, url, data=None, timeout=30): + ''' Make a DELETE request to CVP. If the request call raises an error + or if the JSON response contains a CVP session related error then + retry the request on another CVP node. + + Args: + url (str): Portion of request URL that comes after the host. + data (dict): Dict of key/value pairs to pass as parameters into + the request. Default is None. + timeout (int): Number of seconds the client will wait between + bytes sent from the server. Default value is 30 seconds. + + Returns: + The JSON response. + + Raises: + ConnectionError: A ConnectionError is raised if there was a + network problem (e.g. DNS failure, refused connection, etc) + CvpApiError: A CvpApiError is raised if there was a JSON error. + CvpRequestError: A CvpRequestError is raised if the request + is not properly constructed. + CvpSessionLogOutError: A CvpSessionLogOutError is raised if + response from server indicates session was logged out. + HTTPError: A HTTPError is raised if there was an invalid HTTP + response. + ReadTimeout: A ReadTimeout is raised if there was a request + timeout when reading from the connection. + Timeout: A Timeout is raised if there was a request timeout. + TooManyRedirects: A TooManyRedirects is raised if the request + exceeds the configured number of maximum re-directions + ValueError: A ValueError is raised when there is no valid + CVP session. This occurs because the previous get, post + or delete request failed and no session could be + established to a CVP node. Destroy the class and + re-instantiate. + ''' + return self._make_request('DELETE', url, timeout, data=data) + + def _finditem(self, obj, key): + """ Find a key in a a nested list/dict. + + Args: + obj (dict): Object to iterate to return value for provided key + key (str): The key to locate in dict and return the value for + + Returns: + Value of found key or None if not found. + """ + item = None + if isinstance(obj, dict): + if key in obj: + item = obj[key] + else: + for _, value in obj.items(): + if isinstance(value, (dict, list)): + item = self._finditem(value, key) + if item is not None: + break + elif isinstance(obj, list): + for i in obj: + if isinstance(i, (dict, list)): + item = self._finditem(i, key) + if item is not None: + break + return item + + +def json_decoder(data): + ''' Check for ... + ''' + decoder = json.JSONDecoder() + position = 0 + decoded_data = [] + while True: + try: + obj, position = decoder.raw_decode(data, position) + decoded_data.append(obj) + position += 1 + except ValueError: + break + if len(decoded_data) == 1: + return decoded_data[0] + return decoded_data diff --git a/cvprac/cvp_client_errors.py b/cvprac/cvp_client_errors.py new file mode 100644 index 0000000..1fd832a --- /dev/null +++ b/cvprac/cvp_client_errors.py @@ -0,0 +1,68 @@ +# +# Copyright (c) 2017, Arista Networks, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# Neither the name of Arista Networks nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +''' CVP Restful API client exception classes +''' + +class CvpClientError(Exception): + ''' CVP Restful API client error + ''' + def __init__(self, msg): + Exception.__init__(self) + self.msg = msg + + def __str__(self): + return self.msg + +class CvpApiError(CvpClientError): + ''' Error encountered related to the CVP API request. + ''' + def __init__(self, msg): + CvpClientError.__init__(self, msg) + +class CvpLoginError(CvpClientError): + ''' Error encountered trying to login into CVP. + ''' + def __init__(self, msg): + CvpClientError.__init__(self, msg) + +class CvpRequestError(CvpClientError): + ''' CVP request not properly constructed. + ''' + def __init__(self, msg): + CvpClientError.__init__(self, msg) + +class CvpSessionLogOutError(CvpClientError): + ''' Current CVP session has been logged out. + ''' + def __init__(self, msg): + CvpClientError.__init__(self, msg) diff --git a/dev-requirements.txt b/dev-requirements.txt new file mode 100644 index 0000000..2395cb7 --- /dev/null +++ b/dev-requirements.txt @@ -0,0 +1,9 @@ +check-manifest +coverage +mock +pdoc +pep8 +pyflakes +pylint +pyyaml +twine diff --git a/docs/labs/README.md b/docs/labs/README.md new file mode 100644 index 0000000..132ee64 --- /dev/null +++ b/docs/labs/README.md @@ -0,0 +1,67 @@ +# cvprac labs + +The following lab examples will walk through the most commonly used REST API calls using cvprac +to help users interact with Arista CloudVision easily and automate the provisioning of network devices. + +## Table of Contents + +1. [Authentication](#authentication) + - [Password Authentication](#password-authentication) + - [Service Account Token Authentication](#service-account-token-authentication) +1. [Known Limitations](#known-limitations) + +## Authentication + +There are two ways to authenticate using the REST APIs: + +- user/password (on-prem only) +- service account token (available on CVP 2020.3.0+ and CVaaS) + +### Password Authentication + +```python +from cvprac.cvp_client import CvpClient +clnt = CvpClient() +clnt.connect(['10.83.13.33'],'cvpadmin', 'arastra') +``` + +### Service Account Token Authentication + +To access the CloudVision as-a-Service and send API requests, "Service Account Token" is needed. +After obtaining the service account token, it can be used for authentication when sending API requests. + +Service accounts can be created from the Settings page where a service token can be generated as seen below: + +![serviceaccount1](./static/serviceaccount1.png) +![serviceaccount2](./static/serviceaccount2.png) +![serviceaccount3](./static/serviceaccount3.png) + +The token should be copied and saved to a file that can later be referred to. + +```python +from cvprac.cvp_client import CvpClient +clnt = CvpClient() +with open("token.tok") as f: + token = f.read().strip('\n') +clnt.connect(nodes=['www.arista.io'], username='', password='', is_cvaas=True, api_token=token) +``` + +>NOTE In case of CVaaS the `is_cvaas` parameters has to be set to `True` + +Service accounts are supported on CVP on-prem starting from `2020.3.0`. More details in the [TOI](https://eos.arista.com/toi/cvp-2020-3-0/service-accounts/) and the [CV config guide](https://www.arista.com/en/cg-cv/cv-service-accounts). + +```python +from cvprac.cvp_client import CvpClient + +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['10.83.13.33'], username='',password='',api_token=token) +``` + +## Known Limitations + +- for any APIs that interact with EOS devices, the service account name must match the name of the username + configured on EOS and CVP +- Support for REST API bindings for the Resource APIs (Lab 8) was added in CVP 2021.1.0 diff --git a/docs/labs/lab01-cvp-info/get_cvp_info.py b/docs/labs/lab01-cvp-info/get_cvp_info.py new file mode 100644 index 0000000..0e002d0 --- /dev/null +++ b/docs/labs/lab01-cvp-info/get_cvp_info.py @@ -0,0 +1,17 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 + +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +result = clnt.api.get_cvp_info() +print(result) diff --git a/docs/labs/lab02-inventory-operations/compliance_check.py b/docs/labs/lab02-inventory-operations/compliance_check.py new file mode 100644 index 0000000..306b407 --- /dev/null +++ b/docs/labs/lab02-inventory-operations/compliance_check.py @@ -0,0 +1,57 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +### Compliance Code description +compliance = {"0000":"Configuration is in sync", + "0001": "Config is out of sync", + "0002": "Image is out of sync", + "0003": "Config & image out of sync", + "0004": "Config, Image and Device time are in sync", + "0005": "Device is not reachable", + "0006": "The current EOS version on this device is not supported by CVP. Upgrade the device to manage.", + "0007": "Extensions are out of sync", + "0008": "Config, Image and Extensions are out of sync", + "0009": "Config and Extensions are out of sync", + "0010": "Image and Extensions are out of sync", + "0011": "Unauthorized User", + "0012": "Config, Image, Extension and Device time are out of sync", + "0013": "Config, Image and Device time are out of sync", + "0014": "Config, Extensions and Device time are out of sync", + "0015": "Image, Extensions and Device time are out of sync", + "0016": "Config and Device time are out of sync", + "0017": "Image and Device time are out of sync", + "0018": "Extensions and Device time are out of sync", + "0019": "Device time is out of sync" +} + +# Create connection to CloudVision using Service account token +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='',password='',api_token=token) + +def check_devices_under_container(client, container): + ''' container is the container ID ''' + + nodeId = container['key'] + nodeName = container['name'] + api = '/ztp/getAllNetElementList.do?' + queryParams = "nodeId={}&queryParam=&nodeName={}&startIndex=0&endIndex=0&contextQueryParam=&ignoreAdd=false&useCache=true".format(nodeId, nodeName) + return client.get(api + queryParams) + + +container = clnt.api.get_container_by_name('TP_LEAFS') + +devices = (check_devices_under_container(clnt,container)) + +for device in devices['netElementList']: + code = device['complianceCode'] + print(device['fqdn'], ' ', code,' ', compliance[code]) diff --git a/docs/labs/lab02-inventory-operations/get_running_configs.py b/docs/labs/lab02-inventory-operations/get_running_configs.py new file mode 100644 index 0000000..5478f2e --- /dev/null +++ b/docs/labs/lab02-inventory-operations/get_running_configs.py @@ -0,0 +1,31 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +# Get the full inventory +inventory = clnt.api.get_inventory() + +# Create a list of MAC addresses +device_macs = [] +for i in inventory: + device_macs.append(i['systemMacAddress']) + +# Create a dictionary with MAC to running-config mapping +running_configs = {} +for i in device_macs: + running_configs[i] = clnt.api.get_device_configuration(i) + +# Write the running-configs of each device using the hostname as the filename +for i in inventory: + with open(i['fqdn']+'.cfg', 'w') as f: + f.write(running_configs[i['systemMacAddress']])
\ No newline at end of file diff --git a/docs/labs/lab02-inventory-operations/get_running_configs_by_time.py b/docs/labs/lab02-inventory-operations/get_running_configs_by_time.py new file mode 100644 index 0000000..7bbc294 --- /dev/null +++ b/docs/labs/lab02-inventory-operations/get_running_configs_by_time.py @@ -0,0 +1,34 @@ +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +ts = "2021-11-19T15:04:05.0Z" # rfc3339 time +uri = "/api/v3/services/compliancecheck.Compliance/GetConfig" + +# Fetch the inventory +inventory = clnt.api.get_inventory() + +# Iterate through all devices and get the running-config at the specified time for each device +for device in inventory: + sn = device['serialNumber'] + data = {"request":{ + "device_id": sn, + "timestamp": ts, + "type":"RUNNING_CONFIG" + } + } + try: + resultRunningConfig = clnt.post(uri, data=data) + for idx in resultRunningConfig: + if 'config' in idx: + result = idx['config'] + break + with open(device['hostname']+'.cfg','w') as f: + f.write(result) + except Exception as e: + print("Not able to get configuration for device {} - exception {}".format(device['fqdn'], e)) diff --git a/docs/labs/lab02-inventory-operations/remove_all_devices_legacy.py b/docs/labs/lab02-inventory-operations/remove_all_devices_legacy.py new file mode 100644 index 0000000..f8ca8cb --- /dev/null +++ b/docs/labs/lab02-inventory-operations/remove_all_devices_legacy.py @@ -0,0 +1,30 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +inventory = clnt.api.get_inventory() + +devices = [] +for netelement in inventory: + devices.append(netelement['systemMacAddress']) + +# Remove devices from provisioning +# This is a legacy API call that removes the devices from Network Provisioning +# in CVP versions older than 2021.3.0, however it does not remove them from +# the Device Inventory as that requires the streaming agent (TerminAttr) to be shutdown, +# which this API does not support. +# To fully decommission a device the device_decommissioning() API can be used, which is +# supported from 2021.3.0+. +# Note that using the delete_devices() function post CVP 2021.3.0 the device will be +# automatically added back to the Undefined container. +clnt.api.delete_devices(devices) diff --git a/docs/labs/lab02-inventory-operations/remove_and_decommission_device.py b/docs/labs/lab02-inventory-operations/remove_and_decommission_device.py new file mode 100644 index 0000000..16e783a --- /dev/null +++ b/docs/labs/lab02-inventory-operations/remove_and_decommission_device.py @@ -0,0 +1,32 @@ +# Copyright (c) 2022 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +import uuid +import time +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username", password="password") + +device_id = input("Serial number of the device to be decommissioned: ") +request_id = str(uuid.uuid4()) +clnt.api.device_decommissioning(device_id, request_id) + +# This API call will fully decommission the device, ie remove it from both +# Network Provisioning and Device Inventory (telemetry). It send an eAPI request +# to EOS to shutdown the TerminAttr daemon, waits for streaming to stop and then removes +# the device from provisioning and finally decommissions it. This operation can take a few minutes. +# Supported from CVP 2021.3.0+ and CVaaS. +decomm_status = "DECOMMISSIONING_STATUS_SUCCESS" +decomm_result = "" +while decomm_result != decomm_status: + decomm_result = clnt.api.device_decommissioning_status_get_one(request_id)['value']['status'] + time.sleep(10) + +print(decomm_result) diff --git a/docs/labs/lab02-inventory-operations/remove_devices_from_container_legacy.py b/docs/labs/lab02-inventory-operations/remove_devices_from_container_legacy.py new file mode 100644 index 0000000..93e0e19 --- /dev/null +++ b/docs/labs/lab02-inventory-operations/remove_devices_from_container_legacy.py @@ -0,0 +1,32 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +# Get devices in a specific container +inventory = clnt.api.get_devices_in_container("Undefined") + +# Create device list +devices = [] +for netelement in inventory: + devices.append(netelement['systemMacAddress']) + +# Remove devices from provisioning +# This is a legacy API call that removes the devices from Network Provisioning +# in CVP versions older than 2021.3.0, however it does not remove them from +# the Device Inventory as that requires the streaming agent (TerminAttr) to be shutdown, +# which this API does not support. +# To fully decommission a device the device_decommissioning() API can be used, which is +# supported from 2021.3.0+. +# Note that using the delete_devices() function post CVP 2021.3.0 the device will be +# automatically added back to the Undefined container. +clnt.api.delete_devices(devices) diff --git a/docs/labs/lab02-inventory-operations/remove_devices_legacy.py b/docs/labs/lab02-inventory-operations/remove_devices_legacy.py new file mode 100644 index 0000000..1f274f0 --- /dev/null +++ b/docs/labs/lab02-inventory-operations/remove_devices_legacy.py @@ -0,0 +1,30 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using Service account token +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='', password='', api_token=token) + +devices = ["50:08:00:a7:ca:c3","50:08:00:b1:5b:0b","50:08:00:60:c6:76", + "50:08:00:25:9d:36","50:08:00:8b:ee:b1","50:08:00:8c:22:49"] + +# Remove devices from provisioning +# This is a legacy API call that removes the devices from Network Provisioning +# in CVP versions older than 2021.3.0, however it does not remove them from +# the Device Inventory as that requires the streaming agent (TerminAttr) to be shutdown, +# which this API does not support. +# To fully decommission a device the device_decommissioning() API can be used, which is +# supported from 2021.3.0+. +# Note that using the delete_devices() function post CVP 2021.3.0 the device will be +# automatically added back to the Undefined container. +clnt.api.delete_devices(devices) diff --git a/docs/labs/lab03-configlet-management/assign_configlet_to_device.py b/docs/labs/lab03-configlet-management/assign_configlet_to_device.py new file mode 100644 index 0000000..2973408 --- /dev/null +++ b/docs/labs/lab03-configlet-management/assign_configlet_to_device.py @@ -0,0 +1,23 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 + +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +configletName = 'cvprac_example2' + +device_name = "tp-avd-leaf1" +device = clnt.api.get_device_by_name(device_name) + +configlet = clnt.api.get_configlet_by_name(configletName) + +clnt.api.apply_configlets_to_device("", device, [configlet]) diff --git a/docs/labs/lab03-configlet-management/backup_configlets.py b/docs/labs/lab03-configlet-management/backup_configlets.py new file mode 100644 index 0000000..6543a6b --- /dev/null +++ b/docs/labs/lab03-configlet-management/backup_configlets.py @@ -0,0 +1,20 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# Get configlets and save them to individual files +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +configlets = clnt.api.get_configlets(start=0,end=0) + +for configlet in configlets['data']: + with open(configlet['name'],'w') as f: + f.write(configlet['config']) diff --git a/docs/labs/lab03-configlet-management/backup_configletsV2.py b/docs/labs/lab03-configlet-management/backup_configletsV2.py new file mode 100644 index 0000000..0247f19 --- /dev/null +++ b/docs/labs/lab03-configlet-management/backup_configletsV2.py @@ -0,0 +1,48 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# Get configlets and save them to individual files using multi threading +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from concurrent.futures import ThreadPoolExecutor +from functools import wraps + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +total = clnt.api.get_configlets(start=0,end=1)['total'] + +def get_list_of_configlets(): + """ + Create a thread pool and download specified urls + """ + + futures_list = [] + results = [] + + with ThreadPoolExecutor(max_workers=40) as executor: + for i in range(0,total+1,10): + futures = executor.submit(clnt.api.get_configlets, start=i,end=i+10) + futures_list.append(futures) + + for future in futures_list: + try: + result = future.result(timeout=60) + results.append(result) + except Exception: + results.append(None) + print(future.result()) + return results + +if __name__ == "__main__": + + results = get_list_of_configlets() + for future in results: + for configlet in future['data']: + with open(configlet['name'],'w') as f: + f.write(configlet['config']) diff --git a/docs/labs/lab03-configlet-management/common.cfg b/docs/labs/lab03-configlet-management/common.cfg new file mode 100644 index 0000000..7620ae1 --- /dev/null +++ b/docs/labs/lab03-configlet-management/common.cfg @@ -0,0 +1,6 @@ +! +ip name-server vrf management 1.1.1.1 +ip name-server vrf management 8.8.8.8 +! +ntp server vrf management time.google.com +! diff --git a/docs/labs/lab03-configlet-management/config_search.py b/docs/labs/lab03-configlet-management/config_search.py new file mode 100644 index 0000000..4c3ad27 --- /dev/null +++ b/docs/labs/lab03-configlet-management/config_search.py @@ -0,0 +1,54 @@ +# Copyright (c) 2022 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +def main(): + + print('Retrieving configlets ...') + + inventory = clnt.api.get_inventory() + data = clnt.api.get_configlets_and_mappers()['data'] + print(data) + + print('Number of configlets:', len(data['configlets'])) + + searchAgain = True + while searchAgain: + try: + search = input( "\nEnter Config Line: " ) + print(f"\n\n\'{search}\' has been found in following configlets:\n\n") + print(f"{'Hostname':<30}{'Serial number':<50}{'MAC address':<30}{'Configlets':<40}") + print("=" * 150) + for i in inventory: + device = i['hostname'] + device_sn = i['serialNumber'] + device_mac = i['systemMacAddress'] + configlet_list = [] + for c in data['configlets']: + for g in data['generatedConfigletMappers']: + if device_mac == g['netElementId'] and c['key'] == g['configletBuilderId'] and search in c['config']: + configlet_list.append(c['name']) + for k in data['configletMappers']: + if device_mac == k['objectId'] and c['key'] == k['configletId'] and search in c['config']: + configlet_list.append(c['name']) + configlet_list_final = ",".join(configlet_list) + if len(configlet_list) > 0: + print(f"{device:<30}{device_sn:<50}{device_mac:<30}{configlet_list_final:<30}") + + except KeyboardInterrupt: + print('\nExiting... \n') + return + +if __name__ == '__main__': + main() + diff --git a/docs/labs/lab03-configlet-management/configlet_list.txt b/docs/labs/lab03-configlet-management/configlet_list.txt new file mode 100644 index 0000000..645252c --- /dev/null +++ b/docs/labs/lab03-configlet-management/configlet_list.txt @@ -0,0 +1,6 @@ +tp-avd_tp-avd-leaf1 +tp-avd_tp-avd-leaf2 +tp-avd_tp-avd-leaf3 +tp-avd_tp-avd-leaf4 +tp-avd_tp-avd-spine1 +tp-avd_tp-avd-spine2
\ No newline at end of file diff --git a/docs/labs/lab03-configlet-management/create_configlet.py b/docs/labs/lab03-configlet-management/create_configlet.py new file mode 100644 index 0000000..8579fbf --- /dev/null +++ b/docs/labs/lab03-configlet-management/create_configlet.py @@ -0,0 +1,24 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +configletName = "cvprac_example" + +configlet = """! +interface Ethernet10 + description test + ip address 10.144.144.1/24 +! +""" + +clnt.api.add_configlet(configletName,configlet) diff --git a/docs/labs/lab03-configlet-management/create_configlet_from_file.py b/docs/labs/lab03-configlet-management/create_configlet_from_file.py new file mode 100644 index 0000000..d6d07c6 --- /dev/null +++ b/docs/labs/lab03-configlet-management/create_configlet_from_file.py @@ -0,0 +1,19 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +configletName = "cvprac_example2" + +with open("common.cfg") as file: + configlet = file.read() +clnt.api.add_configlet(configletName, configlet) diff --git a/docs/labs/lab03-configlet-management/get_applied_netelements.py b/docs/labs/lab03-configlet-management/get_applied_netelements.py new file mode 100644 index 0000000..71e020e --- /dev/null +++ b/docs/labs/lab03-configlet-management/get_applied_netelements.py @@ -0,0 +1,36 @@ +# Copyright (c) 2023 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +import argparse +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username", password="password") + +parser = argparse.ArgumentParser( + description='Get the list of devices and containers a configlet is attached to') +parser.add_argument('-c', '--configlet', required=True, help='The name of the configlet') +args = parser.parse_args() + +configlet_name = args.configlet +devices = clnt.api.get_applied_devices(configlet_name) + +containers = clnt.api.get_applied_containers(configlet_name) +print(f"Total number of devices {configlet_name} is attached to: {devices['total']}\n") +print(f"Total number of containers {configlet_name} is attached to: {containers['total']}\n") +col1 = "Device FQDN/hostname" +col2 = "IP Address" +print(f"{col1:<40}{col2:<40}") +print("="*80) +for device in devices['data']: + print(f"{device['hostName']:<40}{device['ipAddress']}") + +print("\nList of containers:\n") +for container in containers['data']: + print(container['containerName']) diff --git a/docs/labs/lab03-configlet-management/get_configlets.py b/docs/labs/lab03-configlet-management/get_configlets.py new file mode 100644 index 0000000..fc3dc2d --- /dev/null +++ b/docs/labs/lab03-configlet-management/get_configlets.py @@ -0,0 +1,53 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# Get list of configlets in parallel + +from cvprac.cvp_client import CvpClient +import ssl +from concurrent.futures import ThreadPoolExecutor +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() + +clnt.connect(nodes=['cvp1'], username="username",password="password") + +import time +from functools import wraps + +def get_list_of_configlets(configlets): + """ + Create a thread pool and download specified urls + """ + + futures_list = [] + results = [] + + with ThreadPoolExecutor(max_workers=40) as executor: + for configlet in configlets: + futures = executor.submit(clnt.api.get_configlet_by_name, configlet) + futures_list.append(futures) + + for future in futures_list: + try: + result = future.result(timeout=60) + results.append(result) + except Exception: + results.append(None) + return results + +if __name__ == "__main__": + # Example with pre-defined list + configlets = ["tp-avd_tp-avd-leaf1","tp-avd_tp-avd-leaf2","tp-avd_tp-avd-leaf3","tp-avd_tp-avd-leaf4"] + + # Example with loading list of configlets from a file + # with open("configlet_list.txt") as f: + # configlets = f.read().splitlines() + + results = get_list_of_configlets(configlets) + for result in results: + print(result) diff --git a/docs/labs/lab03-configlet-management/reorder_configlet_on_device.py b/docs/labs/lab03-configlet-management/reorder_configlet_on_device.py new file mode 100644 index 0000000..3a5bb6f --- /dev/null +++ b/docs/labs/lab03-configlet-management/reorder_configlet_on_device.py @@ -0,0 +1,26 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +configletNames = ['tp-avd_tp-avd-leaf1','vlan144','api_models'] + +device_name = "tp-avd-leaf1" +device = clnt.api.get_device_by_name(device_name) + +configlets = [] + +for name in configletNames: + configlets.append(clnt.api.get_configlet_by_name(name)) + +# Apply configlets in the order specified in the list +clnt.api.apply_configlets_to_device("", device, configlets, reorder_configlets=True) diff --git a/docs/labs/lab03-configlet-management/update_configlet.py b/docs/labs/lab03-configlet-management/update_configlet.py new file mode 100644 index 0000000..b3eb9c0 --- /dev/null +++ b/docs/labs/lab03-configlet-management/update_configlet.py @@ -0,0 +1,28 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +# Modify existing configlet + +configletName = "cvprac_example" + +configlet = """! +interface Ethernet10 + description DUB_R04 + ip address 10.144.144.2/24 +! +""" + +configletID = clnt.api.get_configlet_by_name(configletName)['key'] + +clnt.api.update_configlet( configlet, configletID, configletName) diff --git a/docs/labs/lab04-container-management/add_image_to_container.py b/docs/labs/lab04-container-management/add_image_to_container.py new file mode 100644 index 0000000..99fc05e --- /dev/null +++ b/docs/labs/lab04-container-management/add_image_to_container.py @@ -0,0 +1,21 @@ +# Copyright (c) 2020 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +image_name = "vEOS-4.26.0.1F" +image = clnt.api.get_image_bundle_by_name(image_name) + +container_name = "TP_FABRIC" +container = clnt.api.get_container_by_name(container_name) + +clnt.api.apply_image_to_container(image, container) diff --git a/docs/labs/lab04-container-management/assign_configlet_to_container.py b/docs/labs/lab04-container-management/assign_configlet_to_container.py new file mode 100644 index 0000000..a6e8828 --- /dev/null +++ b/docs/labs/lab04-container-management/assign_configlet_to_container.py @@ -0,0 +1,23 @@ +# Copyright (c) 2020 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username="username",password="password") + +container_name = "TP_LEAFS" + +configletName = 'cvprac_example2' + +container = clnt.api.get_container_by_name(container_name) + +configlet = clnt.api.get_configlet_by_name(configletName) + +clnt.api.apply_configlets_to_container("", container, [configlet]) diff --git a/docs/labs/lab04-container-management/create_container.py b/docs/labs/lab04-container-management/create_container.py new file mode 100644 index 0000000..6e5b8dc --- /dev/null +++ b/docs/labs/lab04-container-management/create_container.py @@ -0,0 +1,20 @@ +# Copyright (c) 2020 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +# Get parent container information +parent = clnt.api.get_container_by_name("ContainerA") + +# Create new container ContainerB under ContainerA + +clnt.api.add_container("ContainerB",parent["name"],parent["key"]) diff --git a/docs/labs/lab04-container-management/remove_image_from_container.py b/docs/labs/lab04-container-management/remove_image_from_container.py new file mode 100644 index 0000000..8a48be8 --- /dev/null +++ b/docs/labs/lab04-container-management/remove_image_from_container.py @@ -0,0 +1,21 @@ +# Copyright (c) 2020 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +image_name = "vEOS-4.26.0.1F" +image = clnt.api.get_image_bundle_by_name(image_name) + +container_name = "TP_FABRIC" +container = clnt.api.get_container_by_name(container_name) + +clnt.api.remove_image_from_container(image, container) diff --git a/docs/labs/lab04-container-management/rename_container.py b/docs/labs/lab04-container-management/rename_container.py new file mode 100644 index 0000000..74f4562 --- /dev/null +++ b/docs/labs/lab04-container-management/rename_container.py @@ -0,0 +1,32 @@ +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') +oldName = "test" +newName = "test121" + +container_id = clnt.api.get_container_by_name(oldName)['key'] + +data = {"data":[{"info": "Container {} renamed from {}".format(newName, oldName), + "infoPreview": "Container {} renamed from {}".format(newName, oldName), + "action": "update", + "nodeType": "container", + "nodeId": container_id, + "toId":"", + "fromId":"", + "nodeName": newName, + "fromName": "", + "toName": "", + "toIdType": "container", + "oldNodeName": oldName + } + ] + } + +clnt.api._add_temp_action(data) +clnt.api._save_topology_v2([]) diff --git a/docs/labs/lab05-device-management/add_image_to_devices.py b/docs/labs/lab05-device-management/add_image_to_devices.py new file mode 100644 index 0000000..9150a3c --- /dev/null +++ b/docs/labs/lab05-device-management/add_image_to_devices.py @@ -0,0 +1,21 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +image_name = "vEOS-4.26.0.1F" +image = clnt.api.get_image_bundle_by_name(image_name) + +device_name = "tp-avd-leaf2" +device = clnt.api.get_device_by_name(device_name) + +clnt.api.apply_image_to_device(image, device) diff --git a/docs/labs/lab05-device-management/add_image_wo_tempaction.py b/docs/labs/lab05-device-management/add_image_wo_tempaction.py new file mode 100644 index 0000000..1100a5a --- /dev/null +++ b/docs/labs/lab05-device-management/add_image_wo_tempaction.py @@ -0,0 +1,100 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import json +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +image_name = "vEOS-4.26.0.1F" +image = clnt.api.get_image_bundle_by_name(image_name) + +device_name = "tp-avd-leaf2" +device = clnt.api.get_device_by_name(device_name) + +def apply_image_to_element_no_temp(image, element, name, id_type, create_task=True): + ''' Apply an image bundle to a device or container + A copy of the appl_image_to_element() function without creating a tempAction. + Useful in situations where we need to call saveTopology on a per tempAction basis, + which is only possible if the addTempAction function is not used and the data + that we would've passed in the addTempAction call is passed in the + saveTopology call. + Args: + image (dict): The image info. + element (dict): Info about the element to apply an image to. Dict + can contain device info or container info. + name (str): Name of the element the image is being applied to. + id_type (str): - Id type of the element the image is being applied to + - can be 'netelement' or 'container' + create_task (bool): Determines whether or not to execute a save + and create the tasks (if any) + Returns: + response (list): A list that contains the tempAction data + Ex: [{'NetworkRollbackTask': False, + 'taskJson': '[{ + "info": "Apply image: vEOS-4.26.0.1F to netelement tp-avd-leaf2", + "infoPreview": "Apply image: vEOS-4.26.0.1F to netelement tp-avd-leaf2", + "note": "", + "action": "associate", "nodeType": + "imagebundle", + "nodeId": "imagebundle_1622072231719691917", + "toId": "50:08:00:b1:5b:0b", + "toIdType": "netelement", + "fromId": "", + "nodeName": "vEOS-4.26.0.1F", + "fromName": "", " + toName": "tp-avd-leaf2", + "childTasks": [], + "parentTask": ""}]'}] + ''' + + print('Attempt to apply %s to %s %s' % (image['name'], + id_type, name)) + info = 'Apply image: %s to %s %s' % (image['name'], id_type, name) + node_id = '' + if 'imageBundleKeys' in image: + if image['imageBundleKeys']: + node_id = image['imageBundleKeys'][0] + print('Provided image is an image object.' + ' Using first value from imageBundleKeys - %s' + % node_id) + if 'id' in image: + node_id = image['id'] + print('Provided image is an image bundle object.' + ' Found v1 API id field - %s' % node_id) + elif 'key' in image: + node_id = image['key'] + print('Provided image is an image bundle object.' + ' Found v2 API key field - %s' % node_id) + data = [ + { + "NetworkRollbackTask": False, + "taskJson": json.dumps([{'info': info, + 'infoPreview': info, + 'note': '', + 'action': 'associate', + 'nodeType': 'imagebundle', + 'nodeId': node_id, + 'toId': element['key'], + 'toIdType': id_type, + 'fromId': '', + 'nodeName': image['name'], + 'fromName': '', + 'toName': name, + 'childTasks': [], + 'parentTask': ''}]) + } + ] + return data + +create_task = False +tempAction = apply_image_to_element_no_temp(image, device, device['fqdn'], 'netelement', create_task) + +clnt.api._save_topology_v2(tempAction)
\ No newline at end of file diff --git a/docs/labs/lab05-device-management/remove_image_from_device.py b/docs/labs/lab05-device-management/remove_image_from_device.py new file mode 100644 index 0000000..5e9910c --- /dev/null +++ b/docs/labs/lab05-device-management/remove_image_from_device.py @@ -0,0 +1,21 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +image_name = "vEOS-4.26.0.1F" +image = clnt.api.get_image_bundle_by_name(image_name) + +device_name = "tp-avd-leaf2" +device = clnt.api.get_device_by_name(device_name) + +clnt.api.remove_image_from_device(image, device) diff --git a/docs/labs/lab05-device-management/set_mgmt_ip.py b/docs/labs/lab05-device-management/set_mgmt_ip.py new file mode 100644 index 0000000..f0c33f1 --- /dev/null +++ b/docs/labs/lab05-device-management/set_mgmt_ip.py @@ -0,0 +1,34 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + + +data = {"data":[{"info":"Device IP Address Changed", + "infoPreview":"<b> Device IP Address Changed to 10.83.13.214</b>", + "action":"associate", + "nodeType":"ipaddress", + "nodeId":"", + "toId":"50:08:00:a7:ca:c3", # MAC of the device + "fromId":"", + "nodeName":"", + "fromName":"", + "toName":"tp-avd-leaf1", # hostname + "toIdType":"netelement", + "nodeIpAddress":"10.83.13.219", # the temporary management IP Address + "nodeTargetIpAddress":"10.83.13.214" # the final management IP address + } + ] + } +clnt.api._add_temp_action(data) + +clnt.api._save_topology_v2([]) diff --git a/docs/labs/lab06-provisioning/atd_e2e_provisioning_workflow.py b/docs/labs/lab06-provisioning/atd_e2e_provisioning_workflow.py new file mode 100644 index 0000000..8d4445f --- /dev/null +++ b/docs/labs/lab06-provisioning/atd_e2e_provisioning_workflow.py @@ -0,0 +1,120 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +# This script is an example on provisioning registered devices in CloudVision that is based on +# Arista Test Drive (ATD) and similar to what the ansible playbooks do in +# https://github.com/arista-netdevops-community/atd-avd. +# It does the following: +# - creates and uploads configlets, +# - creates the container hierarchy in Network Provisiong +# - moves the devices to their target containers +# - assigns the configlets to the devices +# - creates a change control from the genereated tasks +# - approves and executes the change control + +import uuid +import time +import ssl +from datetime import datetime +from cvprac.cvp_client import CvpClient +ssl._create_default_https_context = ssl._create_unverified_context + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +# Create container topology +container_name = "DC1_LEAFS" +container_topology = [{"containerName": "ATD_FABRIC", "parentContainerName": 'Tenant'}, + {"containerName": "ATD_LEAFS", "parentContainerName": 'ATD_FABRIC'}, + {"containerName": "pod1", "parentContainerName": 'ATD_LEAFS'}, + {"containerName": "pod2", "parentContainerName": 'ATD_LEAFS'}, + {"containerName": "ATD_SERVERS", "parentContainerName": 'ATD_FABRIC'}, + {"containerName": "ATD_SPINES", "parentContainerName": 'ATD_FABRIC'}, + {"containerName": "ATD_TENANT_NETWORKS", "parentContainerName": 'ATD_FABRIC'}] +for container in container_topology: + try: + container_name = container['containerName'] + # Get parent container information + parent = clnt.api.get_container_by_name(container['parentContainerName']) + print(f'Creating container {container_name}\n') + clnt.api.add_container(container_name,parent["name"],parent["key"]) + except Exception as e: + if "Data already exists in Database" in str(e): + print ("Container already exists, continuing...") + +# Create device mappers +devices = [{'deviceName': "leaf1", + 'configlets': ["BaseIPv4_Leaf1", "AVD_leaf1"], + "parentContainerName": "pod1"}, + {'deviceName': "leaf2", + 'configlets': ["BaseIPv4_Leaf2", "AVD_leaf2"], + "parentContainerName": "pod1"}, + {'deviceName': "leaf3", + 'configlets': ["BaseIPv4_Leaf3", "AVD_leaf3"], + "parentContainerName": "pod2"}, + {'deviceName': "leaf4", + 'configlets': ["BaseIPv4_Leaf4", "AVD_leaf4"], + "parentContainerName": "pod2"}, + {'deviceName': "spine1", + 'configlets': ["BaseIPv4_Spine1", "AVD_spine1"], + "parentContainerName": "ATD_SPINES"}, + {'deviceName': "spine2", + 'configlets': ["BaseIPv4_Spine2", "AVD_spine2"], + "parentContainerName": "ATD_SPINES"}] + +task_list = [] +for device in devices: + # Load the AVD configlets from file + with open("./configlets/AVD_" + device['deviceName'] + ".cfg", "r") as file: + configlet_file = file.read() + avd_configlet_name = device['configlets'][1] + base_configlet_name = device['configlets'][0] # preloaded configlet in an ATD environment + container_name = device['parentContainerName'] + base_configlet = clnt.api.get_configlet_by_name(base_configlet_name) + configlets = [base_configlet] + # Update the AVD configlets if they exist, otherwise upload them from the configlets folder + print (f"Creating configlet {avd_configlet_name} for {device['deviceName']}\n") + try: + configlet = clnt.api.get_configlet_by_name(avd_configlet_name) + clnt.api.update_configlet(configlet_file, configlet['key'], avd_configlet_name) + configlets.append(configlet) + except: + clnt.api.add_configlet(avd_configlet_name, configlet_file) + configlet = clnt.api.get_configlet_by_name(avd_configlet_name) + configlets.append(configlet) + # Get device data + device_data = clnt.api.get_device_by_name(device['deviceName'] + ".atd.lab") + # Get the parent container data for the device + container = clnt.api.get_container_by_name(container_name) + device_name = device['deviceName'] + print(f"Moving device {device_name} to container {container_name}\n") + # The move action will create the task first, however if the devices are already in the target + # container, for instance if the script was run multiple times than the move action will + # not generate a task anymore, therefore it's better to create the task list from the + # Update Config action which will reuse the Move Device action's task if one exists, + # otherwise will create a new one. + move = clnt.api.move_device_to_container("python", device_data, container) + apply_configlets = clnt.api.apply_configlets_to_device("", device_data, configlets) + task_list = task_list + apply_configlets['data']['taskIds'] + +print(f"Generated task IDs are: {task_list}\n") + +# Generate unique ID for the change control +cc_id = str(uuid.uuid4()) +cc_name = f"Change_{datetime.now().strftime('%Y%m%d_%H%M%S')}" + +print("Creating Change control with the list of tasks") +clnt.api.change_control_create_for_tasks(cc_id, cc_name, task_list, series=False) + +print("Approving Change Control") +# adding a few seconds sleep to avoid small time diff between the local system and CVP +time.sleep(2) +approve_note = "Approving CC via cvprac" +clnt.api.change_control_approve(cc_id, notes=approve_note) + +# Start the change control +print("Executing Change Control...") +start_note = "Start the CC via cvprac" +clnt.api.change_control_start(cc_id, notes=start_note) diff --git a/docs/labs/lab06-provisioning/auto_reconcile_on_rc_change.py b/docs/labs/lab06-provisioning/auto_reconcile_on_rc_change.py new file mode 100644 index 0000000..cff820d --- /dev/null +++ b/docs/labs/lab06-provisioning/auto_reconcile_on_rc_change.py @@ -0,0 +1,64 @@ +# Copyright (c) 2022 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +# This script can be run as a cronjob to periodically reconcile all devices +# that are out of configuration compliance in environments where the running-config +# is still modified via the CLI often. +from cvprac.cvp_client import CvpClient +import ssl +from datetime import datetime +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +clnt = CvpClient() +clnt.set_log_level(log_level='WARNING') + +# Reading the service account token from a file +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='',password='',api_token=token) + +inventory = clnt.api.get_inventory() + +compliance = {"0001": "Config is out of sync", + "0003": "Config & image out of sync", + "0004": "Config, Image and Device time are in sync", + "0005": "Device is not reachable", + "0008": "Config, Image and Extensions are out of sync", + "0009": "Config and Extensions are out of sync", + "0012": "Config, Image, Extension and Device time are out of sync", + "0013": "Config, Image and Device time are out of sync", + "0014": "Config, Extensions and Device time are out of sync", + "0016": "Config and Device time are out of sync" + } + +non_compliants = [] +taskIds = [] +for device in inventory: + if device['complianceCode'] in compliance.keys(): + # create a list of non-compliant devices for reporting purposes + non_compliants.append(device['hostname']) + dev_mac = device['systemMacAddress'] + # check if device already has reconciled config and save the key if it does + try: + configlets = clnt.api.get_configlets_by_device_id(dev_mac) + for configlet in configlets: + if configlet['reconciled'] == True: + configlet_key = configlet['key'] + break + else: + configlet_key = "" + rc = clnt.api.get_device_configuration(dev_mac) + name = 'RECONCILE_' + device['serialNumber'] + update = clnt.api.update_reconcile_configlet(dev_mac, rc, configlet_key, name, True) + # if the device had no reconciled config, it means we need to append the reconciled + # configlet to the list of applied configlets on the device + if configlet_key == "": + addcfg = clnt.api.apply_configlets_to_device("auto-reconciling",device,[update['data']]) + clnt.api.cancel_task(addcfg['data']['taskIds'][0]) + except Exception as e: + continue +print(f"The non compliant devices were: {str(non_compliants)}") diff --git a/docs/labs/lab06-provisioning/change_control_custom_rapi.py b/docs/labs/lab06-provisioning/change_control_custom_rapi.py new file mode 100644 index 0000000..0290af7 --- /dev/null +++ b/docs/labs/lab06-provisioning/change_control_custom_rapi.py @@ -0,0 +1,81 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# NOTE: The following example is using the new Change Control Resource APIs supported in 2021.2.0 or newer and in CVaaS. +# For CVaaS service-account token based auth has to be used. + +from cvprac.cvp_client import CvpClient +import ssl +import uuid +from datetime import datetime +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + + +cc_id = str(uuid.uuid4()) +name = f"Change_{datetime.now().strftime('%Y%m%d_%H%M%S')}" + +# Create custom stage hierarchy +# The below example would result in the following hierarchy: +# root (series) +# |- stages 1-2 (series) +# | |- stage 1ab (parallel) +# | | |- stage 1a +# | | |- stage 1b +# | |- stage 2 +# |- stage 3 +data = {'key': { + 'id': cc_id + }, + 'change': { + 'name': cc_id, + 'notes': 'cvprac CC', + 'rootStageId': 'root', + 'stages': {'values': {'root': {'name': 'root', + 'rows': {'values': [{'values': ['1-2']}, + {'values': ['3']}] + } + }, + '1-2': {'name': 'stages 1-2', + 'rows': {'values': [{'values': ['1ab']}, + {'values': ['2']}]}}, + '1ab': {'name': 'stage 1ab', + 'rows': {'values': [{'values': ['1a','1b']}] + } + }, + '1a': {'action': {'args': {'values': {'TaskID': '1242'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 1a'}, + '1b': {'action': {'args': {'values': {'TaskID': '1243'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 1b'}, + '2': {'action': {'args': {'values': {'TaskID': '1240'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 2'}, + '3': {'action': {'args': {'values': {'TaskID': '1241'}}, + 'name': 'task', + 'timeout': 3000}, + 'name': 'stage 3'}, + } + } + } + } +# Create change control from custom stage hierarchy data +clnt.api.change_control_create_with_custom_stages(data) + +# Approve the change control +approval_note = "Approve CC via cvprac" # notes are optional +clnt.api.change_control_approve(cc_id, notes=approval_note) + +# Start the change control +start_note = "Starting CC via cvprac" # notes are optional +clnt.api.change_control_start(cc_id, notes=start_note) diff --git a/docs/labs/lab06-provisioning/change_control_workflow.py b/docs/labs/lab06-provisioning/change_control_workflow.py new file mode 100644 index 0000000..c374edf --- /dev/null +++ b/docs/labs/lab06-provisioning/change_control_workflow.py @@ -0,0 +1,27 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from datetime import datetime + +# Note API token auth method is not yet supported with Change Controls +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +ccid = 'cvprac0904211418' +name = "cvprac CC test" +tlist = ['1021','1020','1019','1018'] + +### Create Change control with the list of tasks +clnt.api.create_change_control_v3(ccid, name, tlist) + +### Approve CC +clnt.api.approve_change_control('cvprac0904211418', timestamp=datetime.utcnow().isoformat() + 'Z') + +### Execute CC +clnt.api.execute_change_controls(['cvprac0904211418']) diff --git a/docs/labs/lab06-provisioning/change_control_workflow_rapi.py b/docs/labs/lab06-provisioning/change_control_workflow_rapi.py new file mode 100644 index 0000000..299d16a --- /dev/null +++ b/docs/labs/lab06-provisioning/change_control_workflow_rapi.py @@ -0,0 +1,40 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# NOTE: The following example is using the new Change Control Resource APIs supported in 2021.2.0 or newer and in CVaaS. +# For CVaaS service-account token based auth has to be used. + +from cvprac.cvp_client import CvpClient +import ssl +import uuid +from datetime import datetime +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +# Generate change control id and change control name +cc_id = str(uuid.uuid4()) +name = f"Change_{datetime.now().strftime('%Y%m%d_%H%M%S')}" + +# Select the tasks and create a CC where all tasks will be run in parallel +tasks = ["1249","1250","1251","1252"] +clnt.api.change_control_create_for_tasks(cc_id, name, tasks, series=False) + +# Approve the change control +approve_note = "Approving CC via cvprac" +clnt.api.change_control_approve(cc_id, notes=approve_note) + +# # Schedule the change control +# # Executing scheduled CCs might only work post 2021.3.0+ +# schedule_note = "Scheduling CC via cvprac" +# schedule_time = "2021-12-23T03:17:00Z" +# clnt.api.change_control_schedule(cc_id,schedule_time,notes=schedule_note) + +# Start the change control +start_note = "Start the CC via cvprac" +clnt.api.change_control_start(cc_id, notes=start_note)
\ No newline at end of file diff --git a/docs/labs/lab06-provisioning/configlets/AVD_leaf1.cfg b/docs/labs/lab06-provisioning/configlets/AVD_leaf1.cfg new file mode 100644 index 0000000..1339d6f --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_leaf1.cfg @@ -0,0 +1,255 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname leaf1 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 +! +no enable password +no aaa root +! +vlan 110 + name Tenant_A_OP_Zone_1 +! +vlan 160 + name Tenant_A_VMOTION +! +vlan 3009 + name MLAG_iBGP_Tenant_A_OP_Zone + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance Tenant_A_OP_Zone +! +interface Port-Channel1 + description MLAG_PEER_leaf2_Po1 + no shutdown + switchport + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG +! +interface Port-Channel4 + description host1_PortChannel + no shutdown + switchport + switchport access vlan 110 + mlag 4 +! +interface Ethernet1 + description MLAG_PEER_leaf2_Ethernet1 + no shutdown + channel-group 1 mode active +! +interface Ethernet2 + description P2P_LINK_TO_SPINE1_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.1/31 +! +interface Ethernet3 + description P2P_LINK_TO_SPINE2_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.3/31 +! +interface Ethernet4 + description host1_Eth1 + no shutdown + channel-group 4 mode active +! +interface Ethernet5 + description host1_Eth2 + no shutdown + channel-group 4 mode active +! +interface Ethernet6 + description MLAG_PEER_leaf2_Ethernet6 + no shutdown + channel-group 1 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.3/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 192.0.254.3/32 +! +interface Loopback100 + description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + no shutdown + vrf Tenant_A_OP_Zone + ip address 10.255.1.3/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.12/24 +! +interface Vlan110 + description Tenant_A_OP_Zone_1 + no shutdown + vrf Tenant_A_OP_Zone + ip address virtual 10.1.10.1/24 +! +interface Vlan3009 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_OP_Zone + ip address 10.255.251.0/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 1500 + ip address 10.255.251.0/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 1500 + no autostate + ip address 10.255.252.0/31 +! +interface Vxlan1 + description leaf1_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 110 vni 10110 + vxlan vlan 160 vni 55160 + vxlan vrf Tenant_A_OP_Zone vni 10 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 +! +ip routing +ip routing vrf Tenant_A_OP_Zone +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 + seq 20 permit 192.0.254.0/24 eq 32 +! +mlag configuration + domain-id pod1 + local-interface Vlan4094 + peer-address 10.255.252.1 + peer-link Port-Channel1 + reload-delay mlag 300 + reload-delay non-mlag 330 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65101 + router-id 192.0.255.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description leaf2 + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 10.255.251.1 description leaf2 + neighbor 172.30.255.0 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.0 remote-as 65001 + neighbor 172.30.255.0 description spine1_Ethernet2 + neighbor 172.30.255.2 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.2 remote-as 65001 + neighbor 172.30.255.2 description spine2_Ethernet2 + neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.1 remote-as 65001 + neighbor 192.0.255.1 description spine1 + neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.2 remote-as 65001 + neighbor 192.0.255.2 description spine2 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan-aware-bundle Tenant_A_OP_Zone + rd 192.0.255.3:10 + route-target both 10:10 + redistribute learned + vlan 110 + ! + vlan-aware-bundle Tenant_A_VMOTION + rd 192.0.255.3:55160 + route-target both 55160:55160 + redistribute learned + vlan 160 + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf Tenant_A_OP_Zone + rd 192.0.255.3:10 + route-target import evpn 10:10 + route-target export evpn 10:10 + router-id 192.0.255.3 + neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/configlets/AVD_leaf2.cfg b/docs/labs/lab06-provisioning/configlets/AVD_leaf2.cfg new file mode 100644 index 0000000..7305516 --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_leaf2.cfg @@ -0,0 +1,255 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname leaf2 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 +! +no enable password +no aaa root +! +vlan 110 + name Tenant_A_OP_Zone_1 +! +vlan 160 + name Tenant_A_VMOTION +! +vlan 3009 + name MLAG_iBGP_Tenant_A_OP_Zone + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance Tenant_A_OP_Zone +! +interface Port-Channel1 + description MLAG_PEER_leaf1_Po1 + no shutdown + switchport + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG +! +interface Port-Channel4 + description host1_PortChannel + no shutdown + switchport + switchport access vlan 110 + mlag 4 +! +interface Ethernet1 + description MLAG_PEER_leaf1_Ethernet1 + no shutdown + channel-group 1 mode active +! +interface Ethernet2 + description P2P_LINK_TO_SPINE1_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.5/31 +! +interface Ethernet3 + description P2P_LINK_TO_SPINE2_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.7/31 +! +interface Ethernet4 + description host1_Eth3 + no shutdown + channel-group 4 mode active +! +interface Ethernet5 + description host1_Eth4 + no shutdown + channel-group 4 mode active +! +interface Ethernet6 + description MLAG_PEER_leaf1_Ethernet6 + no shutdown + channel-group 1 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.4/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 192.0.254.3/32 +! +interface Loopback100 + description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + no shutdown + vrf Tenant_A_OP_Zone + ip address 10.255.1.4/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.13/24 +! +interface Vlan110 + description Tenant_A_OP_Zone_1 + no shutdown + vrf Tenant_A_OP_Zone + ip address virtual 10.1.10.1/24 +! +interface Vlan3009 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_OP_Zone + ip address 10.255.251.1/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 1500 + ip address 10.255.251.1/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 1500 + no autostate + ip address 10.255.252.1/31 +! +interface Vxlan1 + description leaf2_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 110 vni 10110 + vxlan vlan 160 vni 55160 + vxlan vrf Tenant_A_OP_Zone vni 10 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4 +! +ip routing +ip routing vrf Tenant_A_OP_Zone +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 + seq 20 permit 192.0.254.0/24 eq 32 +! +mlag configuration + domain-id pod1 + local-interface Vlan4094 + peer-address 10.255.252.0 + peer-link Port-Channel1 + reload-delay mlag 300 + reload-delay non-mlag 330 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65101 + router-id 192.0.255.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description leaf1 + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 10.255.251.0 description leaf1 + neighbor 172.30.255.4 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.4 remote-as 65001 + neighbor 172.30.255.4 description spine1_Ethernet3 + neighbor 172.30.255.6 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.6 remote-as 65001 + neighbor 172.30.255.6 description spine2_Ethernet3 + neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.1 remote-as 65001 + neighbor 192.0.255.1 description spine1 + neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.2 remote-as 65001 + neighbor 192.0.255.2 description spine2 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan-aware-bundle Tenant_A_OP_Zone + rd 192.0.255.4:10 + route-target both 10:10 + redistribute learned + vlan 110 + ! + vlan-aware-bundle Tenant_A_VMOTION + rd 192.0.255.4:55160 + route-target both 55160:55160 + redistribute learned + vlan 160 + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf Tenant_A_OP_Zone + rd 192.0.255.4:10 + route-target import evpn 10:10 + route-target export evpn 10:10 + router-id 192.0.255.4 + neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/configlets/AVD_leaf3.cfg b/docs/labs/lab06-provisioning/configlets/AVD_leaf3.cfg new file mode 100644 index 0000000..b71d210 --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_leaf3.cfg @@ -0,0 +1,255 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname leaf3 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 +! +no enable password +no aaa root +! +vlan 110 + name Tenant_A_OP_Zone_1 +! +vlan 160 + name Tenant_A_VMOTION +! +vlan 3009 + name MLAG_iBGP_Tenant_A_OP_Zone + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance Tenant_A_OP_Zone +! +interface Port-Channel1 + description MLAG_PEER_leaf4_Po1 + no shutdown + switchport + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG +! +interface Port-Channel4 + description host2_PortChannel + no shutdown + switchport + switchport access vlan 110 + mlag 4 +! +interface Ethernet1 + description MLAG_PEER_leaf4_Ethernet1 + no shutdown + channel-group 1 mode active +! +interface Ethernet2 + description P2P_LINK_TO_SPINE1_Ethernet4 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.9/31 +! +interface Ethernet3 + description P2P_LINK_TO_SPINE2_Ethernet4 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.11/31 +! +interface Ethernet4 + description host2_Eth1 + no shutdown + channel-group 4 mode active +! +interface Ethernet5 + description host2_Eth2 + no shutdown + channel-group 4 mode active +! +interface Ethernet6 + description MLAG_PEER_leaf4_Ethernet6 + no shutdown + channel-group 1 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.5/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 192.0.254.5/32 +! +interface Loopback100 + description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + no shutdown + vrf Tenant_A_OP_Zone + ip address 10.255.1.5/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.14/24 +! +interface Vlan110 + description Tenant_A_OP_Zone_1 + no shutdown + vrf Tenant_A_OP_Zone + ip address virtual 10.1.10.1/24 +! +interface Vlan3009 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_OP_Zone + ip address 10.255.251.4/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 1500 + ip address 10.255.251.4/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 1500 + no autostate + ip address 10.255.252.4/31 +! +interface Vxlan1 + description leaf3_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 110 vni 10110 + vxlan vlan 160 vni 55160 + vxlan vrf Tenant_A_OP_Zone vni 10 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5 +! +ip routing +ip routing vrf Tenant_A_OP_Zone +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 + seq 20 permit 192.0.254.0/24 eq 32 +! +mlag configuration + domain-id pod2 + local-interface Vlan4094 + peer-address 10.255.252.5 + peer-link Port-Channel1 + reload-delay mlag 300 + reload-delay non-mlag 330 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65102 + router-id 192.0.255.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description leaf4 + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 10.255.251.5 description leaf4 + neighbor 172.30.255.8 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.8 remote-as 65001 + neighbor 172.30.255.8 description spine1_Ethernet4 + neighbor 172.30.255.10 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.10 remote-as 65001 + neighbor 172.30.255.10 description spine2_Ethernet4 + neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.1 remote-as 65001 + neighbor 192.0.255.1 description spine1 + neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.2 remote-as 65001 + neighbor 192.0.255.2 description spine2 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan-aware-bundle Tenant_A_OP_Zone + rd 192.0.255.5:10 + route-target both 10:10 + redistribute learned + vlan 110 + ! + vlan-aware-bundle Tenant_A_VMOTION + rd 192.0.255.5:55160 + route-target both 55160:55160 + redistribute learned + vlan 160 + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf Tenant_A_OP_Zone + rd 192.0.255.5:10 + route-target import evpn 10:10 + route-target export evpn 10:10 + router-id 192.0.255.5 + neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/configlets/AVD_leaf4.cfg b/docs/labs/lab06-provisioning/configlets/AVD_leaf4.cfg new file mode 100644 index 0000000..80e201d --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_leaf4.cfg @@ -0,0 +1,255 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname leaf4 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 +! +no enable password +no aaa root +! +vlan 110 + name Tenant_A_OP_Zone_1 +! +vlan 160 + name Tenant_A_VMOTION +! +vlan 3009 + name MLAG_iBGP_Tenant_A_OP_Zone + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance Tenant_A_OP_Zone +! +interface Port-Channel1 + description MLAG_PEER_leaf3_Po1 + no shutdown + switchport + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG +! +interface Port-Channel4 + description host2_PortChannel + no shutdown + switchport + switchport access vlan 110 + mlag 4 +! +interface Ethernet1 + description MLAG_PEER_leaf3_Ethernet1 + no shutdown + channel-group 1 mode active +! +interface Ethernet2 + description P2P_LINK_TO_SPINE1_Ethernet5 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.13/31 +! +interface Ethernet3 + description P2P_LINK_TO_SPINE2_Ethernet5 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.15/31 +! +interface Ethernet4 + description host2_Eth3 + no shutdown + channel-group 4 mode active +! +interface Ethernet5 + description host2_Eth4 + no shutdown + channel-group 4 mode active +! +interface Ethernet6 + description MLAG_PEER_leaf3_Ethernet6 + no shutdown + channel-group 1 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.6/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 192.0.254.5/32 +! +interface Loopback100 + description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + no shutdown + vrf Tenant_A_OP_Zone + ip address 10.255.1.6/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.15/24 +! +interface Vlan110 + description Tenant_A_OP_Zone_1 + no shutdown + vrf Tenant_A_OP_Zone + ip address virtual 10.1.10.1/24 +! +interface Vlan3009 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_OP_Zone + ip address 10.255.251.5/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 1500 + ip address 10.255.251.5/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 1500 + no autostate + ip address 10.255.252.5/31 +! +interface Vxlan1 + description leaf4_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 110 vni 10110 + vxlan vlan 160 vni 55160 + vxlan vrf Tenant_A_OP_Zone vni 10 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6 +! +ip routing +ip routing vrf Tenant_A_OP_Zone +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 + seq 20 permit 192.0.254.0/24 eq 32 +! +mlag configuration + domain-id pod2 + local-interface Vlan4094 + peer-address 10.255.252.4 + peer-link Port-Channel1 + reload-delay mlag 300 + reload-delay non-mlag 330 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65102 + router-id 192.0.255.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description leaf3 + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 10.255.251.4 description leaf3 + neighbor 172.30.255.12 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.12 remote-as 65001 + neighbor 172.30.255.12 description spine1_Ethernet5 + neighbor 172.30.255.14 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.14 remote-as 65001 + neighbor 172.30.255.14 description spine2_Ethernet5 + neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.1 remote-as 65001 + neighbor 192.0.255.1 description spine1 + neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.2 remote-as 65001 + neighbor 192.0.255.2 description spine2 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan-aware-bundle Tenant_A_OP_Zone + rd 192.0.255.6:10 + route-target both 10:10 + redistribute learned + vlan 110 + ! + vlan-aware-bundle Tenant_A_VMOTION + rd 192.0.255.6:55160 + route-target both 55160:55160 + redistribute learned + vlan 160 + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf Tenant_A_OP_Zone + rd 192.0.255.6:10 + route-target import evpn 10:10 + route-target export evpn 10:10 + router-id 192.0.255.6 + neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/configlets/AVD_spine1.cfg b/docs/labs/lab06-provisioning/configlets/AVD_spine1.cfg new file mode 100644 index 0000000..df188d7 --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_spine1.cfg @@ -0,0 +1,129 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname spine1 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode none +! +no enable password +no aaa root +! +interface Ethernet2 + description P2P_LINK_TO_LEAF1_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.0/31 +! +interface Ethernet3 + description P2P_LINK_TO_LEAF2_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.4/31 +! +interface Ethernet4 + description P2P_LINK_TO_LEAF3_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.8/31 +! +interface Ethernet5 + description P2P_LINK_TO_LEAF4_Ethernet2 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.12/31 +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.1/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.10/24 +! +ip routing +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65001 + router-id 192.0.255.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS next-hop-unchanged + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor 172.30.255.1 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.1 remote-as 65101 + neighbor 172.30.255.1 description leaf1_Ethernet2 + neighbor 172.30.255.5 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.5 remote-as 65101 + neighbor 172.30.255.5 description leaf2_Ethernet2 + neighbor 172.30.255.9 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.9 remote-as 65102 + neighbor 172.30.255.9 description leaf3_Ethernet2 + neighbor 172.30.255.13 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.13 remote-as 65102 + neighbor 172.30.255.13 description leaf4_Ethernet2 + neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.3 remote-as 65101 + neighbor 192.0.255.3 description leaf1 + neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.4 remote-as 65101 + neighbor 192.0.255.4 description leaf2 + neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.5 remote-as 65102 + neighbor 192.0.255.5 description leaf3 + neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.6 remote-as 65102 + neighbor 192.0.255.6 description leaf4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/configlets/AVD_spine2.cfg b/docs/labs/lab06-provisioning/configlets/AVD_spine2.cfg new file mode 100644 index 0000000..0ad7bd1 --- /dev/null +++ b/docs/labs/lab06-provisioning/configlets/AVD_spine2.cfg @@ -0,0 +1,129 @@ +!RANCID-CONTENT-TYPE: arista +! +vlan internal order ascending range 1006 1199 +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname spine2 +ip name-server vrf default 8.8.8.8 +ip name-server vrf default 192.168.2.1 +dns domain atd.lab +! +spanning-tree mode none +! +no enable password +no aaa root +! +interface Ethernet2 + description P2P_LINK_TO_LEAF1_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.2/31 +! +interface Ethernet3 + description P2P_LINK_TO_LEAF2_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.6/31 +! +interface Ethernet4 + description P2P_LINK_TO_LEAF3_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.10/31 +! +interface Ethernet5 + description P2P_LINK_TO_LEAF4_Ethernet3 + no shutdown + mtu 1500 + no switchport + ip address 172.30.255.14/31 +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 192.0.255.2/32 +! +interface Management1 + description oob_management + no shutdown + ip address 192.168.0.11/24 +! +ip routing +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.0.255.0/24 eq 32 +! +ip route 0.0.0.0/0 192.168.0.1 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +router bfd + multihop interval 1200 min-rx 1200 multiplier 3 +! +router bgp 65001 + router-id 192.0.255.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 ecmp 4 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS next-hop-unchanged + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor 172.30.255.3 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.3 remote-as 65101 + neighbor 172.30.255.3 description leaf1_Ethernet3 + neighbor 172.30.255.7 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.7 remote-as 65101 + neighbor 172.30.255.7 description leaf2_Ethernet3 + neighbor 172.30.255.11 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.11 remote-as 65102 + neighbor 172.30.255.11 description leaf3_Ethernet3 + neighbor 172.30.255.15 peer group IPv4-UNDERLAY-PEERS + neighbor 172.30.255.15 remote-as 65102 + neighbor 172.30.255.15 description leaf4_Ethernet3 + neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.3 remote-as 65101 + neighbor 192.0.255.3 description leaf1 + neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.4 remote-as 65101 + neighbor 192.0.255.4 description leaf2 + neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.5 remote-as 65102 + neighbor 192.0.255.5 description leaf3 + neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS + neighbor 192.0.255.6 remote-as 65102 + neighbor 192.0.255.6 description leaf4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate +! +management api http-commands + protocol https + no shutdown + ! + vrf default + no shutdown +! +end diff --git a/docs/labs/lab06-provisioning/gen_builder.py b/docs/labs/lab06-provisioning/gen_builder.py new file mode 100644 index 0000000..8cd389d --- /dev/null +++ b/docs/labs/lab06-provisioning/gen_builder.py @@ -0,0 +1,63 @@ +# Copyright (c) 2020 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +container_id = clnt.api.get_container_by_name("TP_LEAFS")['key'] +builder_name = 'SYS_TelemetryBuilderV3' +configletBuilderID = clnt.api.get_configlet_by_name(builder_name)['key'] + +payload = {"previewValues":[{ + "fieldId":"vrf", + "value":"red"}], + "configletBuilderId":configletBuilderID, + "netElementIds":[], + "pageType":"container", + "containerId":container_id, + "containerToId":"", + "mode":"assign"} + +preview = clnt.post('/configlet/configletBuilderPreview.do', data=payload) + +generated_names_list = [] +generated_keys_list = [] + +for i in preview['data']: + generated_names_list.append(i['configlet']['name']) + generated_keys_list.append(i['configlet']['key']) + +clnt.get("/configlet/searchConfiglets.do?objectId={}&objectType=container&type=ignoreDraft&queryparam={}&startIndex=0&endIndex=22&sortByColumn=&sortOrder=".format(container_id, builder_name.lower())) + +tempData = {"data":[{ + "info":"Configlet Assign: to container TP_LEAFS", + "infoPreview":"<b>Configlet Assign:</b> to container TP_LEAFS", + "action":"associate", + "nodeType":"configlet", + "nodeId":"", + "toId":container_id, + "fromId":"","nodeName":"","fromName":"", + "toName":"TP_LEAFS", + "toIdType":"container", + "configletList":generated_keys_list, + "configletNamesList":generated_names_list, + "ignoreConfigletList":[], + "ignoreConfigletNamesList":[], + "configletBuilderList":[configletBuilderID], + "configletBuilderNamesList":[builder_name], + "ignoreConfigletBuilderList":[], + "ignoreConfigletBuilderNamesList":[] + } + ] + } + +clnt.api._add_temp_action(tempData) +clnt.api._save_topology_v2([]) diff --git a/docs/labs/lab06-provisioning/mlag_issu.py b/docs/labs/lab06-provisioning/mlag_issu.py new file mode 100644 index 0000000..307d418 --- /dev/null +++ b/docs/labs/lab06-provisioning/mlag_issu.py @@ -0,0 +1,220 @@ +#!/usr/bin/env python3 +# +# python3 mlag_issu <upgrade inventory file> <MLAG peer to upgrade: 'peer1' or 'peer2'>" +# +# # Example of upgrade inventory file (YAML) +# cvp_hosts: +# - 192.168.0.191 +# - 192.168.0.192 +# - 192.168.0.193 +# cvp_username: cvpadmin +# target_eos_version: 4.25.4M +# target_terminattr_version: 1.13.6 +# mlag_couples: +# - peer1: leaf101-1 +# peer2: leaf101-2 +# - peer1: leaf102-1 +# peer2: leaf102-2 +# +# Note: upgrades are performed in parallel + +import sys +import time +import string +import random +from getpass import getpass +import requests +from requests.packages.urllib3.exceptions import InsecureRequestWarning +from datetime import datetime +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpLoginError, CvpApiError +from pprint import pprint +from operator import itemgetter +import yaml + +class CvpDeviceUpgrader(object): + def __init__(self, hosts, username, password): + requests.packages.urllib3.disable_warnings(InsecureRequestWarning) + self.cvp_hosts = hosts + self.cvp_user = username + self.cvp_password = password + self.session = self._open_cvp_session() + + def _open_cvp_session(self): + try: + client = CvpClient() + client.connect( + nodes=self.cvp_hosts, + username=self.cvp_user, + password=self.cvp_password, + request_timeout=300, + connect_timeout=30 + ) + return(client) + except CvpLoginError as e: + print(f"Cannot connect to CVP API: {e}") + exit() + + def create_mlag_issu_change_control(self, taskIDs, deviceIDs): + cc_id = f"CC_{datetime.now().strftime('%Y%m%d_%H%M%S')}" + pre_upgrade_stage = {'stage': [{ + 'id': f"preU_{cc_id}", + 'name': 'pre_upgrade', + 'stage_row':[{'stage': [{ + 'id': ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(9)), + 'action': { + 'name': 'mlaghealthcheck', + 'timeout': 0, + 'args': { + 'DeviceID': device_id + } + } + } for device_id in deviceIDs]}] + }]} + upgrade_stage = {'stage': [{ + 'id': f"U_{cc_id}", + 'name': 'upgrade', + 'stage_row': [{'stage': [{ + 'id': task_id, + 'action': { + 'name': 'task', + 'args': { + 'TaskID': task_id + } + } + } for task_id in taskIDs]}] + }]} + post_upgrade_stage = {'stage': [{ + 'id': f"postU_{cc_id}", + 'name': 'post_upgrade', + 'stage_row': [{'stage': [{ + 'id': ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(9)), + 'action': { + 'name': 'mlaghealthcheck', + 'timeout': 0, + 'args': { + 'DeviceID': device_id + } + } + } for device_id in deviceIDs]}] + }]} + cc_data = {'config': { + 'id': cc_id, + 'name': f"Change Control {cc_id}", + 'root_stage': { + 'id': 'root', + 'name': f"Change Control {cc_id} root", + 'stage_row': [pre_upgrade_stage, upgrade_stage, post_upgrade_stage], + } + }} + try: + res = self.session.post('/api/v3/services/ccapi.ChangeControl/Update', + data=cc_data, + timeout=self.session.api.request_timeout + ) + except Exception as e: + print(str(e)) + return(None) + print(f"Change control {res[0]['id']} created at {res[0]['update_timestamp']}") + return(res[0]['id']) + + def get_mlag_issu_change_control_logs(self, ccID, startTime): + end_time = int(time.time() * 1000) + cc_logs_data = {'category': 'ChangeControl', + 'objectKey': ccID, + 'dataSize': 15000, + 'startTime': startTime, + 'endTime': end_time + } + logs = self.session.post('/cvpservice/audit/getLogs.do', + data=cc_logs_data, + timeout=self.session.api.request_timeout + ) + for log in sorted(logs['data'], key=itemgetter('dateTimeInLongFormat')): + if log['subObjectName'] and 'Command(s)' not in log['activity']: + log_date = datetime.fromtimestamp(log['dateTimeInLongFormat']/1000) + print(f"{log_date} {log['subObjectName']}: {log['activity']}") + return(end_time + 1) + + def run_mlag_issu_change_control(self, ccID): + print(f"Automatic approval of change control {ccID}") + self.session.api.approve_change_control(ccID, datetime.utcnow().isoformat() + 'Z') + time.sleep(2) + print(f"Starting the execution of change control {ccID}") + start_time = int(time.time() * 1000) + self.session.api.execute_change_controls([ccID]) + time.sleep(2) + cc_status = self.session.api.get_change_control_status(ccID)[0]['status'] + start_time = self.get_mlag_issu_change_control_logs(ccID, start_time) + while cc_status['state'] == 'Running': + time.sleep(30) + cc_status = self.session.api.get_change_control_status(ccID)[0]['status'] + start_time = self.get_mlag_issu_change_control_logs(ccID, start_time) + print(f"Change control {ccID} final status: {cc_status['state']}") + if cc_status['error']: + print(f"Change control {ccID} had the following errors: {cc_status['error']}") + else: + print(f"Change control {ccID} completed without errors") + +def main(): + if len(sys.argv) != 3: + print(f"Usage: python3 {sys.argv[0]} <input file path> <MLAG peer to upgrade: peer1/peer2>") + exit() + try: + with open(sys.argv[1], 'r') as yf: + params = yaml.safe_load(yf) + except Exception as e: + print(e) + exit() + cvp_password = getpass(prompt=f"CVP password for user {params['cvp_username']}: ") + cvpdu = CvpDeviceUpgrader( + hosts=params['cvp_hosts'], + username=params['cvp_username'], + password=cvp_password + ) + image_bundle = None + for bundle in cvpdu.session.api.get_image_bundles()['data']: + eos_match = False + terminattr_match = False + for img in bundle['imageIds']: + if params['target_eos_version'] in img: + eos_match = True + elif params['target_terminattr_version'] in img: + terminattr_match = True + if eos_match and terminattr_match: + image_bundle = bundle + break + if image_bundle is None: + print(f"Cannot find an image bundle with EOS {params['target_eos_version']} and TerminAttr {params['target_terminattr_version']}") + exit() + hostnames = [couple[sys.argv[2]] for couple in params['mlag_couples']] + devices_to_upgrade = list() + inventory = cvpdu.session.api.get_inventory() + for hostname in hostnames: + provisioned = False + for dev in inventory: + if dev['hostname'] == hostname: + provisioned = True + devices_to_upgrade.append(dev) + break + if not provisioned: + print(f"Device with hostname {hostname} is not provisioned in CVP") + if not devices_to_upgrade: + print('none of the mentioned devices is provisioned in CVP') + exit() + print(f"Devices to upgrade: {', '.join([dev['hostname'] for dev in devices_to_upgrade])}") + task_ids = list() + for device in devices_to_upgrade: + response = cvpdu.session.api.apply_image_to_device(image_bundle, device)['data'] + if response['status'] == 'success': + task_ids.extend(response['taskIds']) + device_ids = [device['serialNumber'] for device in devices_to_upgrade] + cc_id = cvpdu.create_mlag_issu_change_control(task_ids, device_ids) + if cc_id is None: + print('Failed to create the MLAG ISSU change control') + exit() + time.sleep(2) + cvpdu.run_mlag_issu_change_control(cc_id) + +if __name__ == '__main__': + main() diff --git a/docs/labs/lab06-provisioning/move_device.py b/docs/labs/lab06-provisioning/move_device.py new file mode 100644 index 0000000..5257f79 --- /dev/null +++ b/docs/labs/lab06-provisioning/move_device.py @@ -0,0 +1,24 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='',password='',api_token=token) + +container = clnt.api.get_container_by_name('TP_LEAFS') # container object + +app_name = "my app" # can be any string + +device = {"key":"00:1c:73:c5:4c:87", "fqdn":"co633.ire.aristanetworks.com"} + +move_device_to_container(app_name, device, container) diff --git a/docs/labs/lab06-provisioning/vc_task_retrigger.py b/docs/labs/lab06-provisioning/vc_task_retrigger.py new file mode 100644 index 0000000..b5586ee --- /dev/null +++ b/docs/labs/lab06-provisioning/vc_task_retrigger.py @@ -0,0 +1,115 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +# Example on how to re-trigger task creation if a config push task was previously +# cancelled and the device is still config out of sync +import argparse +import ssl +import sys +from pkg_resources import parse_version +from getpass import getpass +from cvprac.cvp_client import CvpClient +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + + +if ((sys.version_info.major == 3) or + (sys.version_info.major == 2 and sys.version_info.minor == 7 and + sys.version_info.micro >= 5)): + ssl._create_default_https_context = ssl._create_unverified_context + + +def main(): + + compliance = {"0001": "Config is out of sync", + "0003": "Config & image out of sync", + "0004": "Config, Image and Device time are in sync", + "0005": "Device is not reachable", + "0008": "Config, Image and Extensions are out of sync", + "0009": "Config and Extensions are out of sync", + "0012": "Config, Image, Extension and Device time are out of sync", + "0013": "Config, Image and Device time are out of sync", + "0014": "Config, Extensions and Device time are out of sync", + "0016": "Config and Device time are out of sync" + } + # Create connection to CloudVision + clnt = CvpClient() + + parser = argparse.ArgumentParser( + description='Script to recreate a task, if a previous config push was cancelled') + parser.add_argument('-u', '--username', default='username') + parser.add_argument('-p', '--password', default=None) + parser.add_argument('-c', '--cvpserver', action='append') + parser.add_argument('-f', '--filter', action='append', default=None) + args = parser.parse_args() + + if args.password is None: + args.password = getpass() + + for cvpserver in args.cvpserver: + print("Connecting to %s" % cvpserver) + try: + clnt.connect(nodes=[cvpserver], username=args.username, password=args.password) + except Exception as e: + print("Unable to connect to CVP: %s" % str(e)) + + # Get the current CVP version + cvp_release = clnt.api.get_cvp_info()['version'] + if parse_version(cvp_release) < parse_version('2020.3.0'): + # For older CVP, we manually trigger a compliance check + try: + clnt.api.check_compliance('root', 'container') + except: + # Bad practice, but the check compliance applied to a container can't actually work + # since the complianceIndication key doesn't exist on the container level + pass + else: + # with continuous compliance checks, triggering the check is no longer required + pass + + device_filters = [] + if args.filter is not None: + for entry in args.filter: + device_filters.extend(entry.split(',')) + + # Get inventory + print("Collecting inventory...") + devices = clnt.api.get_inventory() + print("%d devices in inventory" % len(devices) ) + + for switch in devices: + if (switch['status'] == 'Registered' and + switch['parentContainerId'] != 'undefined_container'): + + if len(device_filters) > 0: + # iterate over device filters, and update task for + # any devices not in compliance + + for filter_term in device_filters: + print("Checking device: %s" % switch['hostname']) + if filter_term in switch['hostname']: + # generate configlet list + cl = clnt.api.get_configlets_by_device_id(switch['systemMacAddress']) + # generate a task if config is out of sync + if switch['complianceCode'] in compliance.keys(): + print(clnt.api.apply_configlets_to_device("", switch, cl)) + else: + print("%s is compliant, nothing to do" % switch['hostname']) + else: + print("Skipping %s due to filter" % switch['hostname']) + else: + print("Checking device: %s" % switch['hostname']) + cl = clnt.api.get_configlets_by_device_id(switch['systemMacAddress']) + # generate a task if config is out of sync + if switch['complianceCode'] in compliance.keys(): + print(clnt.api.apply_configlets_to_device("", switch, cl)) + + else: + print("Skipping %s, device is unregistered for provisioning" % switch['hostname']) + + return 0 + + +if __name__ == "__main__": + main() diff --git a/docs/labs/lab07-aaa/aaa_users.csv b/docs/labs/lab07-aaa/aaa_users.csv new file mode 100644 index 0000000..14b3706 --- /dev/null +++ b/docs/labs/lab07-aaa/aaa_users.csv @@ -0,0 +1,5 @@ +username,first_name,last_name,email,user_type,role,status
+alice,,,alice@abc.xyz,SSO,network-admin,Enabled
+bob,,,bob@abc.xyz,SSO,network-admin,Enabled
+jane,Jane,Smith,jane@abc.xyz,SSO,network-admin,Enabled
+john,John,Smith,john@abc.xyz,SSO,network-admin,Enabled
\ No newline at end of file diff --git a/docs/labs/lab07-aaa/add_new_user_cvaas.py b/docs/labs/lab07-aaa/add_new_user_cvaas.py new file mode 100644 index 0000000..af2d48e --- /dev/null +++ b/docs/labs/lab07-aaa/add_new_user_cvaas.py @@ -0,0 +1,32 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from cvprac.cvp_client import CvpClient + +# Create connection to CloudVision using Service Account token +with open("cvaas.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['www.arista.io'], username='', password='', is_cvaas=True, api_token=token) + +username = "john" +password = "" +role = "network-admin" +status = "Enabled" +first_name = "John" +last_name = "Smith" +email = "john.smith@abc.xyz" +utype = "SSO" + +try: + clnt.api.add_user(username,password,role,status,first_name,last_name,email,utype) +except CvpApiError as e: + print(e) diff --git a/docs/labs/lab07-aaa/add_new_user_onprem.py b/docs/labs/lab07-aaa/add_new_user_onprem.py new file mode 100644 index 0000000..218c9fc --- /dev/null +++ b/docs/labs/lab07-aaa/add_new_user_onprem.py @@ -0,0 +1,29 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from getpass import getpass + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +username = "cvpuser2" +password = getpass() +role = "network-admin" +status = "Enabled" +first_name = "Cloud" +last_name = "Vision" +email = "cvp@arista.com" +utype = "TACACS" + +try: + clnt.api.add_user(username,password,role,status,first_name,last_name,email,utype) +except CvpApiError as e: + print(e) diff --git a/docs/labs/lab07-aaa/add_users_from_csv_cvaas.py b/docs/labs/lab07-aaa/add_users_from_csv_cvaas.py new file mode 100644 index 0000000..c5cdda5 --- /dev/null +++ b/docs/labs/lab07-aaa/add_users_from_csv_cvaas.py @@ -0,0 +1,29 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from cvprac.cvp_client import CvpClient +import csv + +# Create connection to CloudVision using Service Account token +with open("cvaas.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['www.arista.io'], username='', password='', is_cvaas=True, api_token=token) + + +with open("aaa_users.csv") as csvfile: + for i in csv.DictReader(csvfile): + data = dict(i) + try: + clnt.api.add_user(data['username'], "", data['role'], data['status'], data['first_name'], data['last_name'], data['email'], data['user_type']) + except CvpApiError as e: + print(e) + print ("Adding user {} to CVaaS".format(data['username'])) diff --git a/docs/labs/lab07-aaa/create_svc_account.py b/docs/labs/lab07-aaa/create_svc_account.py new file mode 100644 index 0000000..7f0e55e --- /dev/null +++ b/docs/labs/lab07-aaa/create_svc_account.py @@ -0,0 +1,20 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +username = "cvprac2" +description = "test cvprac" +roles = ["network-admin", "clouddeploy"] # both role names and role IDs are supported +status = 1 # 1 is equivalent to "ACCOUNT_STATUS_ENABLED" +clnt.api.svc_account_set(username, description, roles, status) diff --git a/docs/labs/lab07-aaa/create_svc_account_token.py b/docs/labs/lab07-aaa/create_svc_account_token.py new file mode 100644 index 0000000..4be8185 --- /dev/null +++ b/docs/labs/lab07-aaa/create_svc_account_token.py @@ -0,0 +1,23 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +username = "cvprac2" +duration = "31536000s" # 1 year validity +description = "test cvprac" +svc_token = clnt.api.svc_account_token_set(username, duration, description) + +# Write the token to file in <username>.tok format +with open(svc_token[0]['value']['user'] + ".tok", "w") as f: + f.write(svc_token[0]['value']['token']) diff --git a/docs/labs/lab07-aaa/create_terminattr_tokens.py b/docs/labs/lab07-aaa/create_terminattr_tokens.py new file mode 100644 index 0000000..d874913 --- /dev/null +++ b/docs/labs/lab07-aaa/create_terminattr_tokens.py @@ -0,0 +1,32 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. +# +# Example script to generate the TerminAttr token via REST API from CVaaS and CV on-prem +# and save them to a file + +from cvprac.cvp_client import CvpClient +from pprint import pprint as pp +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Reading the service account token from a file +with open("cvaas.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['www.arista.io'], username='',password='',is_cvaas=True, api_token=token) + +terminattr_token = clnt.api.create_enroll_token('720h') +with open('cv-onboarding-token', 'w') as f: + f.write(terminattr_token[0]['enrollmentToken']['token']) + +primary = CvpClient() +primary.connect(nodes=['cvp1'], username='username',password='password') + +terminattr_token = primary.api.create_enroll_token('720h') + +with open('token', 'w') as f: + f.write(terminattr_token['data']) diff --git a/docs/labs/lab07-aaa/cvaas.tok b/docs/labs/lab07-aaa/cvaas.tok new file mode 100644 index 0000000..9d0234c --- /dev/null +++ b/docs/labs/lab07-aaa/cvaas.tok @@ -0,0 +1 @@ +<copy service account token here>
\ No newline at end of file diff --git a/docs/labs/lab07-aaa/delete_all_expired_svc_account_tokens.py b/docs/labs/lab07-aaa/delete_all_expired_svc_account_tokens.py new file mode 100644 index 0000000..68e82a9 --- /dev/null +++ b/docs/labs/lab07-aaa/delete_all_expired_svc_account_tokens.py @@ -0,0 +1,16 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +clnt.api.svc_account_delete_expired_tokens() diff --git a/docs/labs/lab07-aaa/delete_svc_account.py b/docs/labs/lab07-aaa/delete_svc_account.py new file mode 100644 index 0000000..a6f7854 --- /dev/null +++ b/docs/labs/lab07-aaa/delete_svc_account.py @@ -0,0 +1,17 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +username = "cvprac2" +clnt.api.svc_account_delete(username) diff --git a/docs/labs/lab07-aaa/delete_svc_account_created_by_user.py b/docs/labs/lab07-aaa/delete_svc_account_created_by_user.py new file mode 100644 index 0000000..b8f4045 --- /dev/null +++ b/docs/labs/lab07-aaa/delete_svc_account_created_by_user.py @@ -0,0 +1,22 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +svc_accounts = clnt.api.svc_account_get_all() +created_by = 'john.smith' + +# Delete service accounts created by user john.smith +for account in svc_accounts: + if account['value']['created_by'] == created_by: + clnt.api.svc_account_delete(account['value']['key']['name']) diff --git a/docs/labs/lab07-aaa/get_user_info.py b/docs/labs/lab07-aaa/get_user_info.py new file mode 100644 index 0000000..5e5a193 --- /dev/null +++ b/docs/labs/lab07-aaa/get_user_info.py @@ -0,0 +1,20 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() +from cvprac.cvp_client import CvpClient + +with open("cvaas.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['www.arista.io'], username='', password='', is_cvaas=True, api_token=token) + +user_info = clnt.api.get_user('kishore') +print (user_info) diff --git a/docs/labs/lab07-aaa/svc_account_misc.py b/docs/labs/lab07-aaa/svc_account_misc.py new file mode 100644 index 0000000..d3eccca --- /dev/null +++ b/docs/labs/lab07-aaa/svc_account_misc.py @@ -0,0 +1,34 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from cvprac.cvp_client_errors import CvpApiError +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Create connection to CloudVision using user/password (on-prem only) +clnt = CvpClient() +clnt.connect(['cvp1'],'username', 'password') + +# Get all service accounts states + +accounts = clnt.api.svc_account_get_all() + +# Get specific service account state + +account = clnt.api.svc_account_get_one("cvprac2") + +# Get all service account token states + +tokens = clnt.api.svc_account_token_get_all() + +# Get specific token state + +token = clnt.api.svc_account_token_get_one("9bfb39ff892c81d6ac9f25ff95d0389719595feb") + +# Delete a service account token + +clnt.api.svc_account_token_delete("9bfb39ff892c81d6ac9f25ff95d0389719595feb") diff --git a/docs/labs/lab08-resource-apis/resource_cvprac.py b/docs/labs/lab08-resource-apis/resource_cvprac.py new file mode 100644 index 0000000..e454fc9 --- /dev/null +++ b/docs/labs/lab08-resource-apis/resource_cvprac.py @@ -0,0 +1,187 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +from cvprac.cvp_client import CvpClient +from pprint import pprint as pp +import ssl +ssl._create_default_https_context = ssl._create_unverified_context +import requests.packages.urllib3 +requests.packages.urllib3.disable_warnings() + +# Reading the service account token from a file +with open("token.tok") as f: + token = f.read().strip('\n') + +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='',password='',api_token=token) + +def get_events_all(client): + ''' Get All events ''' + event_url = '/api/resources/event/v1/Event/all' + response = client.get(event_url) + return response['data'] + +def get_event(client, key, ts): + event_url = '/api/resources/event/v1/Event?' + url = event_url + 'key.key=' + key + "&key.timestamp=" + ts + response = client.get(url) + return response + +def get_events_t1_t2(client, t1, t2): + event_url = '/api/resources/event/v1/Event/all?' + url = event_url + 'time.start=' + t1 + "&time.end=" + t2 + response = client.get(url) + return response['data'] + +def get_events_by_severity(client, severity): + payload = {"partialEqFilter": [{"severity": severity }]} + event_url = '/api/resources/event/v1/Event/all' + response = client.post(event_url, data=payload) + if 'data' in response.keys(): + return response['data'] + else: + return response + +def get_events_by_type(client, etype): + payload = {"partialEqFilter": [{"eventType": etype }]} + event_url = '/api/resources/event/v1/Event/all' + response = client.post(event_url, data=payload) + if 'data' in response.keys(): + return response['data'] + else: + return response + +def get_active_devices(client): + ''' Get active devices ''' + dev_url = '/api/resources/inventory/v1/Device/all' + devices_data = client.get(dev_url) + devices = [] + for device in devices_data['data']: + try: + if device['result']['value']['streamingStatus'] == "STREAMING_STATUS_ACTIVE": + devices.append(device['result']['value']['hostname']) + # pass on archived datasets + except KeyError as e: + continue + return devices + +def get_all_device_tags(client): + tag_url = '/api/resources/tag/v1/DeviceTag/all' + tag_data = client.get(tag_url) + tags = [] + for tag in tag_data['data']: + tags.append({tag['result']['value']['key']['label']:tag['result']['value']['key']['value']}) + return tags + +def get_all_interface_tags(client): + tag_url = '/api/resources/tag/v1/InterfaceTagAssignmentConfig/all' + tags = client.get(tag_url) + return tags['data'] + +def filter_interface_tag(client, dId=None, ifId=None, label=None, value=None): + tag_url = '/api/resources/tag/v1/InterfaceTagAssignmentConfig/all' + payload = { + "partialEqFilter": [ + {"key": {"deviceId": dId, "interfaceId": ifId, "label": label, "value": value}} + ] + } + response = client.post(tag_url, data=payload) + return response + +def create_itag(client, label, value): + tag_url = '/api/resources/tag/v1/InterfaceTagConfig' + payload = {"key":{"label":label,"value":value}} + response = client.post(tag_url, data=payload) + return response + +def assign_itag(client, dId, ifId, label, value): + tag_url = '/api/resources/tag/v1/InterfaceTagAssignmentConfig' + payload = {"key":{"label":label, "value":value, "deviceId": dId, "interfaceId": ifId}} + response = client.post(tag_url, data=payload) + return response + +def create_dtag(client, label, value): + tag_url = '/api/resources/tag/v1/DeviceTagConfig' + payload = {"key":{"label":label,"value":value}} + response = client.post(tag_url, data=payload) + return response + +def assign_dtag(client, dId, label, value): + tag_url = '/api/resources/tag/v1/DeviceTagAssignmentConfig' + payload = {"key":{"label":label, "value":value, "deviceId": dId}} + response = client.post(tag_url, data=payload) + return response + +### Uncomment the below functions/print statement to test + +# ### Get all active events +# print ('=== All active events ===') +# cvpevents = get_events_all(clnt) +# for event in cvpevents: +# print(event) + +# ### Get a specific event +# key = "6098ae39e4c8a9d7" +# ts ="2021-04-06T21:53:00Z" +# get_event(clnt, key, ts) + +# ### Get events between two dates +# t1 = "2021-04-06T09:00:00Z" +# t2 = "2021-04-06T14:00:00Z" +# events = get_events_t1_t2(clnt, t1, t2) +# print(f"=== Events between {t1} and {t2} ===") +# pp(events) + +# ### Get all INFO severity events ### +# # EVENT_SEVERITY_UNSPECIFIED = 0 +# # EVENT_SEVERITY_INFO = 1 +# # EVENT_SEVERITY_WARNING = 2 +# # EVENT_SEVERITY_ERROR = 3 +# # EVENT_SEVERITY_CRITICAL = 4 +# #################################### + +# severity = 1 ## Severity INFO +# info = get_events_by_severity(clnt, severity) +# print('=== Get all INFO severity events ===') +# pp(info) + +# ### Get specific event types + +# etype = "LOW_DEVICE_DISK_SPACE" +# event = get_events_by_type(clnt, etype) +# print('=== Get all Low Disk Space events ===') +# pp(event) + +# ### Get the inventory +# print ('=== Inventory ===') +# print(get_active_devices(clnt)) + +# ### Get all devie tags +# print('=== Device Tags ===' ) +# for tag in get_all_device_tags(clnt): +# print (tag) + +# ### Get all interface tag assignments +# print(get_all_interface_tags(clnt)) + +# ### Get all interfaces that have a tag with a specific value on a device +# print(filter_interface_tag(clnt, dId="JPE14070534", value="speed40Gbps")) + +# ### Get all tags for an interface of a device +# print(filter_interface_tag(clnt, dId="JPE14070534", ifId="Ethernet1")) + +# ### Get all interfaces that have a specific tag assigned +# print(filter_interface_tag(clnt, dId="JPE14070534", label="lldp_hostname")) + +# ### Create an interface tag +# create_itag(clnt, "lldp_chassis", "50:08:00:0d:00:48") + +# ### Assign an interface tag +# assign_itag(clnt, "JPE14070534", "Ethernet4", "lldp_chassis", "50:08:00:0d:00:38") + +# ### Create a device tag +# create_dtag(clnt, "topology_hint_pod", "ire-pod11") + +# ### Assign an interface tag +# assign_dtag(clnt, "JPE14070534", "topology_hint_pod", "ire-pod11" ) diff --git a/docs/labs/lab08-resource-apis/topology_tag_assignment.py b/docs/labs/lab08-resource-apis/topology_tag_assignment.py new file mode 100644 index 0000000..973e9f7 --- /dev/null +++ b/docs/labs/lab08-resource-apis/topology_tag_assignment.py @@ -0,0 +1,106 @@ +# Copyright (c) 2021 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the COPYING file. + +# In this example we are going to assign topology tags using the tags.v2 workspace aware API +# More details on tag.v2 can be found at https://aristanetworks.github.io/cloudvision-apis/models/tag.v2/ +# NOTE: Tag.v2 can be used for assigning both device and interface tags (studios, topology, etc) and it's not +# limited to topology tags only. +# The following are some of the built-in tags that can be used to modify the Topology rendering: +# topology_hint_type: < core | edge | endpoint | management | leaf | spine > +# topology_hint_rack: < rack name as string > +# topology_hint_pod: < pod name as string > +# topology_hint_datacenter: < datacenter name as string > +# topology_hint_building: < building name as string > +# topology_hint_floor: < floor name as string > +# topology_network_type: < datacenter | campus | cloud > + +from cvprac.cvp_client import CvpClient +import uuid +from datetime import datetime + +# Reading the service account token from a file +with open("token.tok") as f: + token = f.read().strip('\n') + +# Create connection to CloudVision +clnt = CvpClient() +clnt.connect(nodes=['cvp1'], username='',password='',api_token=token) + +tags_common = [{"key": "topology_hint_pod", "value": "tp-avd-pod1"}, + {"key": "topology_hint_datacenter", "value": "tp-avd-dc1"}] +tags_leaf1 = [{"key": "topology_hint_rack", "value": "tp-avd-leafs1"}, + {"key": "topology_hint_type", "value": "leaf"}] +tags_leaf2 = [{"key": "topology_hint_rack", "value": "tp-avd-leafs2"}, + {"key": "topology_hint_type", "value": "leaf"}] +tags_spines = [{"key": "topology_hint_rack", "value": "tp-avd-spines"}, + {"key": "topology_hint_type", "value": "spine"}] + +# Create workspace +display_name = f"Change_{datetime.now().strftime('%Y%m%d_%H%M%S')}" +workspace_id = str(uuid.uuid4()) +clnt.api.workspace_config(workspace_id,display_name) + +### Create tags +element_type = "ELEMENT_TYPE_DEVICE" + +for tag in tags_common+tags_leaf1+tags_leaf2+tags_spines: + tag_label = tag['key'] + tag_value = tag['value'] + clnt.api.tag_config(element_type, workspace_id, tag_label, tag_value) + +### Assign tags +devices = {"leafs1":["BAD032986065E8DC14CBB6472EC314A6","0123F2E4462997EB155B7C50EC148767"], + "leafs2":["8520AF39790A4EC959550166DC5DEADE", "6323DA7D2B542B5D09630F87351BEA41"], + "spines":["CD0EADBEEA126915EA78E0FB4DC776CA", "2568DB4A33177968A78C4FD5A8232159"]} + +for tag in tags_common+tags_leaf1: + tag_label = tag['key'] + tag_value = tag['value'] + interface_id = '' + for leaf in devices['leafs1']: + device_id = leaf + clnt.api.tag_assignment_config(element_type, workspace_id, tag_label, tag_value, device_id, interface_id) +for tag in tags_common+tags_leaf2: + tag_label = tag['key'] + tag_value = tag['value'] + interface_id = '' + for leaf in devices['leafs2']: + device_id = leaf + clnt.api.tag_assignment_config(element_type, workspace_id, tag_label, tag_value, device_id, interface_id) +for tag in tags_common+tags_spines: + tag_label = tag['key'] + tag_value = tag['value'] + interface_id = '' + for spine in devices['spines']: + device_id = spine + clnt.api.tag_assignment_config(element_type, workspace_id, tag_label, tag_value, device_id, interface_id) + +### Start build +request = 'REQUEST_START_BUILD' +request_id = 'b1' +description='testing cvprac build' +clnt.api.workspace_config(workspace_id=workspace_id, display_name=display_name, + description=description, request=request, request_id=request_id) + +### Check workspace build status and proceed only after it finishes building +b = 0 +while b == 0: + build_id = request_id + # Requesting for the build status too fast might fail if the build start didn't finish creating + # the build with the request_id/build_id + while True: + try: + request = clnt.api.workspace_build_status(workspace_id, build_id) + break + except Exception as e: + continue + if request['value']['state'] == 'BUILD_STATE_SUCCESS': + b = b+1 + else: + continue + +### Submit workspace +request = 'REQUEST_SUBMIT' +request_id = 's1' +clnt.api.workspace_config(workspace_id=workspace_id,display_name=display_name,description=description,request=request,request_id=request_id) diff --git a/docs/labs/static/serviceaccount1.png b/docs/labs/static/serviceaccount1.png Binary files differnew file mode 100644 index 0000000..b6de68b --- /dev/null +++ b/docs/labs/static/serviceaccount1.png diff --git a/docs/labs/static/serviceaccount2.png b/docs/labs/static/serviceaccount2.png Binary files differnew file mode 100644 index 0000000..3b49542 --- /dev/null +++ b/docs/labs/static/serviceaccount2.png diff --git a/docs/labs/static/serviceaccount3.png b/docs/labs/static/serviceaccount3.png Binary files differnew file mode 100644 index 0000000..2eca99a --- /dev/null +++ b/docs/labs/static/serviceaccount3.png diff --git a/docs/release-notes-0.7.0.rst b/docs/release-notes-0.7.0.rst new file mode 100644 index 0000000..3d1a26d --- /dev/null +++ b/docs/release-notes-0.7.0.rst @@ -0,0 +1,25 @@ +###### +v0.7.0 +###### + +2017-03-30 + +New Modules +^^^^^^^^^^^ + + +Enhancements +^^^^^^^^^^^^ + +* Add image upgrade feature to api. (`19 <https://github.com/aristanetworks/cvprac/pull/19>`_) [`mharista <https://github.com/mharista>`_] + Added functions for applying image bundles to devices and adding or removing image bundles from containers. Also added container and image information gathering functions. +* Add deploy_device functionality (`23 <https://github.com/aristanetworks/cvprac/pull/23>`_) [`mharista <https://github.com/mharista>`_] + Added function deploy_device and helper functions for automated deploying of a device from the a container (for example the Undefined container), to the proper end container. Applies any necessary configlets and optionally an image in the process. Also added new functionality for getting information related to containers and devices (for example getting a devices parent container, or a list of devices in a container). Made task creation optional for calls that would normally create a task. Default behavior is to create the task, but if the user wants to take multiple actions for execution in one task (as done in deploy_device) the user can tell the function not to create the task (essentially what this does is delay the call to saveTopology while adding multiple tempActions). +* Add ability for user to configure log level. (`26 <https://github.com/aristanetworks/cvprac/pull/26>`_) [`mharista <https://github.com/mharista>`_] + Logging level can now we set during client initialization or changed at any time using a client setter. + +Fixed +^^^^^ + +* Make REST call to addTempAction before saveTopology. (`17 <https://github.com/aristanetworks/cvprac/issues/17>`_) + New CVP version requires calls to addTempAction before saveTopology or the save will not do anything. In the CVP UI creating a container is the equivalent of addTempAction and then clicking save at the bottom to confirm the container remains is the equivalent of saveTopology. diff --git a/docs/release-notes-0.8.0.rst b/docs/release-notes-0.8.0.rst new file mode 100644 index 0000000..1fddc1b --- /dev/null +++ b/docs/release-notes-0.8.0.rst @@ -0,0 +1,28 @@ +###### +v0.8.0 +###### + +2017-09-12 + +New Modules +^^^^^^^^^^^ + +* Added/updated API function for validating a devices config. (`27 <https://github.com/aristanetworks/cvprac/pull/27>`_) (`updates <https://github.com/aristanetworks/cvprac/commit/c5466163a5d79ffb4cd0ee18d1e47371b7264c35>`_) + New function in API that will return True if the passed in device is running a valid config. Will return False and log error messages if the device validation check fails. +* Add Jenkins integration and pre-commit hook. (`31 <https://github.com/aristanetworks/cvprac/pull/31>`_) [`jerearista <https://github.com/jerearista>`_] +* Update client protocol default to https with http fallback. (`33 <https://github.com/aristanetworks/cvprac/pull/33>`_) [`mharista <https://github.com/mharista>`_] + With new versions of CVP only supporting https we have changed the default protocol used to https. The protocol parameter passed to the client is no longer used. The client connect will attempt to use https with a fallback of http if it fails to connect via https. A user can force https with no http fallback by providing a path to a valid certificate to the connect method for new parameter cert. Default https connection with no cert provided will use unverified https requests. + +Enhancements +^^^^^^^^^^^^ + +* Added property to CvpClient that stores last node a request was made to. (`34 <https://github.com/aristanetworks/cvprac/pull/34>`_) [`mharista <https://github.com/mharista>`_] + New last_used_node function will return the last CVP node a request was sent to. + +Fixed +^^^^^ + +* Fixed functions for removing images from devices and containers. (`33 <https://github.com/aristanetworks/cvprac/pull/33>`_) [`mharista <https://github.com/mharista>`_] + Bugs in the code for removing images was causing system tests to fail due to the system under tests to get out of compliance. +* Removed non-default python logging module. (`38 <https://github.com/aristanetworks/cvprac/pull/38>`_) [`grybak-arista <https://github.com/grybak-arista>`_] + Using default logging built into python. The non-default module was causing problems in some cases when installing with pip. diff --git a/docs/release-notes-0.9.0.rst b/docs/release-notes-0.9.0.rst new file mode 100644 index 0000000..3f8dd5c --- /dev/null +++ b/docs/release-notes-0.9.0.rst @@ -0,0 +1,32 @@ +###### +v0.9.0 +###### + +2018-04-17 + +New Modules +^^^^^^^^^^^ + +* Added Inventory handling methods. (`51 <https://github.com/aristanetworks/cvprac/pull/51>`_) [`cheynearista <https://github.com/cheynearista>`_] + add_device_to_inventory, retry_add_to_inventory, delete_device, delete_devices, get_non_connected_device_count, save_inventory. +* Add basic logout api function. (`d52f4a0 <https://github.com/aristanetworks/cvprac/commit/d52f4a07c49e358d86ca0701d5885cddfd231f98>`_) [`mharista <https://github.com/mharista>`_] + Added for future enhanced handling of session logout. + +Enhancements +^^^^^^^^^^^^ + +* Add ability to provide a query parameter to get_inventory. (`423d555 <https://github.com/aristanetworks/cvprac/commit/423d555adfd0a015ee96540fdc1048a0e26c5c84>`_) [`mharista <https://github.com/mharista>`_] + Query string can be used as a match to filter returned inventory list. For example you can filter on a specific version of EOS. +* Add contact info to docs. (`693d3ba <https://github.com/aristanetworks/cvprac/commit/693d3ba57caa72bb326adbae98b64dba8bc0f104>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fix get_device_by_name to return only the device with the given FQDN. (`41 <https://github.com/aristanetworks/cvprac/pull/41>`_) + This was returning all devices that contained the provided name as a string in their data. Now verify the FQDN matches the name before returning. +* Fix get_devices_in_container to only return devices in the specified container. (`2b26d0c <https://github.com/aristanetworks/cvprac/commit/2b26d0cff773ff687e0d7c0460dd64c9927f2383>`_) [`mharista <https://github.com/mharista>`_] + This was previously returning all devices from get_inventory that matched a query string anywhere in their data instead of specific to the parent container. +* Remove 'id': 1 from data structs in requests. (`52 <https://github.com/aristanetworks/cvprac/pull/52>`_) [`grybak-arista <https://github.com/grybak-arista>`_] + This key:value being included int he request data causes an error in 2018 versions of CVP. +* Add fix for special characters in object names in url. (`53 <https://github.com/aristanetworks/cvprac/pull/53>`_) [`mharista <https://github.com/mharista>`_] + Special characters in request parameters (for example a container name Rack2+_DC11) would cause unexpected results. This are now properly escaped for HTTP. diff --git a/docs/release-notes-1.0.0.rst b/docs/release-notes-1.0.0.rst new file mode 100644 index 0000000..3f4e958 --- /dev/null +++ b/docs/release-notes-1.0.0.rst @@ -0,0 +1,41 @@ +###### +v1.0.0 +###### + +2018-12-05 + +New Modules +^^^^^^^^^^^ + +* Added method for capturing container level snapshot. (`57 <https://github.com/aristanetworks/cvprac/pull/57>`_) [`brokenpackets <https://github.com/brokenpackets>`_] + capture_container_level_snapshot. +* Added method for getting event by ID. (`58 <https://github.com/aristanetworks/cvprac/pull/58>`_) [`brokenpackets <https://github.com/brokenpackets>`_] + get_event_by_id. +* Added method for getting device running config. (`3b97ba3 <https://github.com/aristanetworks/cvprac/commit/3b97ba3533ef0783d1a3ef6e5e060949245f4715>`_) [`mharista <https://github.com/mharista>`_] + get_device_configuration. +* Added methods for change control functionality. (`7e49447 <https://github.com/aristanetworks/cvprac/commit/7e494473cf519a506d0445b4bf8f726fe353b753>`_) [`mharista <https://github.com/mharista>`_] + get_change_controls, change_control_available_tasks, create_change_control. +* Added method for adding notes to change control. (`e21c0ae <https://github.com/aristanetworks/cvprac/commit/e21c0aeb7d3a6141fc2ab3876906a201ddba3dcd>`_) [`mharista <https://github.com/mharista>`_] + add_notes_to_change_control. +* Add assorted methods. (`68 <https://github.com/aristanetworks/cvprac/pull/68>`_) [`grybak-arista <https://github.com/grybak-arista>`_] + get_configlets, get_configlets_by_container_id, get_configlets_by_netelement_id, add_note_to_configlet, get_all_temp_actions, + get_applied_devices, get_applied_containers, filter_topology, get_default_snapshot_template, capture_container_level_snapshot, + add_image, save_image_bundle, update_image_bundle, execute_change_control, get_change_control_info. + +Enhancements +^^^^^^^^^^^^ + +* Add flag for create_task to deploy_device. (`59 <https://github.com/aristanetworks/cvprac/pull/59>`_) [`brokenpackets <https://github.com/brokenpackets>`_] + Flag defaults to True and allows user to decide if they want tasks automatically created when calling deploy_device. +* Allow waiting for task IDs when updating configlets. (`67 <https://github.com/aristanetworks/cvprac/pull/67>`_) [`grybak-arista <https://github.com/grybak-arista>`_] + Flag for waitForTaskIds parameter added to update_configlet method. Defaults to False. +* Update appropriate APIs and tests to support CVP 2018.2. (`ad7b576 <https://github.com/aristanetworks/cvprac/commit/ad7b576758f6c8aaa839301ca68b4669ac377239>`_) [`mharista <https://github.com/mharista>`_] + CVP 2018.2 includes large changes to the Restful APIs. Many APIs are deprecated and many APIs return data is slightly different from data returned by 2018.1. + This update does processing to help mitigate some of these changes by fixing return data of 2018.2 to look more like return data from 2018.1 in cases where + fields are removed or have their name key changed. Be aware that though this update catches many of these cases it does not catch all. + +Fixed +^^^^^ + +* Fix connection reconnect handling for CVP 2018 support. (`e13dc54 <https://github.com/aristanetworks/cvprac/commit/e13dc546ecccf7fd25fd48458226cbe9c3cf0aa8>`_) [`mharista <https://github.com/mharista>`_] + Unauthorized handled differently. diff --git a/docs/release-notes-1.0.1.rst b/docs/release-notes-1.0.1.rst new file mode 100644 index 0000000..425a295 --- /dev/null +++ b/docs/release-notes-1.0.1.rst @@ -0,0 +1,28 @@ +###### +v1.0.1 +###### + +2019-1-16 + +New Modules +^^^^^^^^^^^ + +* Add cancel_image API method for removing an added image before it is saved. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] + Used in system tests for add_image to reset the CVP node under test to its original state. +* Add delete_image_bundle API method for removing an image bundle. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] + Used in system tests for add_update_delete_image_bundle to reset the CVP node under test to its original state. + +Enhancements +^^^^^^^^^^^^ + +* Updated all necessary modules and tests to support Python 3. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] +* Updated add_image method to use cvp_client object. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] +* Updated system tests to put CVP node under test back into its original state. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fixed usages of urllib quote_plus method to support Python 3. (`815ec47 <https://github.com/aristanetworks/cvprac/commit/815ec478409473a2259669594a6710895e908726>`_) [`mharista <https://github.com/mharista>`_] + Python 2 vs Python 3 require importing the method from different modules. +* Fixed formatting issues with client _make_request that were causing systests ran with Python 3 to fail. (`76 <https://github.com/aristanetworks/cvprac/pull/76>`_) [`mharista <https://github.com/mharista>`_] + When running systests with Python 3 the old _make_request was running UnboundLocalError. diff --git a/docs/release-notes-1.0.2.rst b/docs/release-notes-1.0.2.rst new file mode 100644 index 0000000..e9aa5f8 --- /dev/null +++ b/docs/release-notes-1.0.2.rst @@ -0,0 +1,32 @@ +###### +v1.0.2 +###### + +2020-2-3 + +New Modules +^^^^^^^^^^^ + +* Added API modules for cancel and delete change controls. (`21102ac <https://github.com/aristanetworks/cvprac/commit/21102ac35d591059d7c2ac26e620d6423e21f275>`_) [`mharista <https://github.com/mharista>`_] +* Add modules for applying configlets to containers and removing configlets from containers. (`89 <https://github.com/aristanetworks/cvprac/pull/89>`_) [`mharista <https://github.com/mharista>`_] +* Add module and test for API endpoint /provisioning/v2/validateAndCompareConfiglets.do. (`93 <https://github.com/aristanetworks/cvprac/pull/93>`_) [`mharista <https://github.com/mharista>`_] +* Updates for CVP 2019. Add search_configlets method. Update how we set the api version. Use pkg_resoureces.parse_version instead of brute force. (`95 <https://github.com/aristanetworks/cvprac/pull/95>`_) [`grybak-arista <https://github.com/grybak-arista>`_] +* Add method and tests for API endpoint /provisioning/getNetElementInfoById.do. (`d26d69f <https://github.com/aristanetworks/cvprac/commit/d26d69f16f13bbacbd72d2ee3ea4ae32c3fd1a98>`_) [`mharista <https://github.com/mharista>`_] +* Add method and tests for resetting a device back to Undefined container. (`fb9a96b <https://github.com/aristanetworks/cvprac/commit/fb9a96b1fbdf04c381460f8aa68a53b2b2ff8c70>`_) [`mharista <https://github.com/mharista>`_] +* Add method for adding configletbuilder. (`97 <https://github.com/aristanetworks/cvprac/pull/97>`_) [`networkRob <https://github.com/networkRob>`_] + +Enhancements +^^^^^^^^^^^^ + +* Add snapshot template key to task list entries for create change control method. (`80 <https://github.com/aristanetworks/cvprac/pull/80>`_) [`mharista <https://github.com/mharista>`_] +* Update add_devices_to_inventory to support multiple devices in one call. (`84 <https://github.com/aristanetworks/cvprac/pull/84>`_) [`grybak-arista <https://github.com/grybak-arista>`_] +* Add ability to set API request timeout via client connect method. (`92 <https://github.com/aristanetworks/cvprac/pull/92>`_) [`mharista <https://github.com/mharista>`_] +* Add return value for cancel_task method and update necessary tests. (`2356d59 <https://github.com/aristanetworks/cvprac/commit/2356d59e0e0fb9db2de9e8b3f123ad31c97e5cf76>`_) [`mharista <https://github.com/mharista>`_] +* Update existing Change Control APIs and add new ones for 2019.1.0. (`4fddb1e <https://github.com/aristanetworks/cvprac/commit/4fddb1ebb250f4d58dcd59ed952bdd12b3e04e7d>`_) [`mharista <https://github.com/mharista>`_] +* Update change_control_available_tasks to use standard get_tasks_by_status for 2019.1. (`06eb19a4 <https://github.com/aristanetworks/cvprac/commit/06eb19a4d6b3db3c22b92c4dc5452e5241f2e00c>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fix issue where requests fail if response has no json payload. (`81 <https://github.com/aristanetworks/cvprac/pull/81>`_) [`mharista <https://github.com/mharista>`_] +* Update error handling of unauthorized user for CVP 2019.x. (`f4bf302 <https://github.com/aristanetworks/cvprac/commit/f4bf30283891d41d5a55abe46c80736c7159aca9>`_) [`mharista <https://github.com/mharista>`_] diff --git a/docs/release-notes-1.0.3.rst b/docs/release-notes-1.0.3.rst new file mode 100644 index 0000000..d5861c0 --- /dev/null +++ b/docs/release-notes-1.0.3.rst @@ -0,0 +1,16 @@ +###### +v1.0.3 +###### + +2020-6-4 + +New Modules +^^^^^^^^^^^ + +Enhancements +^^^^^^^^^^^^ + +Fixed +^^^^^ + +* Fix issue where cvprac is using the incorrect version of the API for 2018.1.x. (`104 <https://github.com/aristanetworks/cvprac/pull/104>`_) [`colinmacgiolla <https://https://github.com/colinmacgiolla>`_] diff --git a/docs/release-notes-1.0.4.rst b/docs/release-notes-1.0.4.rst new file mode 100644 index 0000000..6449b2f --- /dev/null +++ b/docs/release-notes-1.0.4.rst @@ -0,0 +1,32 @@ +###### +v1.0.4 +###### + +2020-8-18 + +New Modules +^^^^^^^^^^^ + +* Add function and tests for getConfigletsAndAssociatedMappers.do API. (`d8e9316 <https://github.com/aristanetworks/cvprac/commit/d8e93168a3691f466f10e49a98c32b87ceb2aaa1>`_) [`mharista <https://github.com/mharista>`_] +* Add function and tests for getImageBundleByContainerId.do API. (`131783c <https://github.com/aristanetworks/cvprac/commit/131783ce4efa2afb4ec00c0cb9e6922c38eb4258>`_) [`mharista <https://github.com/mharista>`_] +* Add functions for user management APIs. (`113 <https://github.com/aristanetworks/cvprac/pull/113>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Add function for delete user API and update user handling tests. (`681dc06 <https://github.com/aristanetworks/cvprac/commit/681dc0601cee2c10d1948284e68ba67baed7049e>`_) [`mharista <https://github.com/mharista>`_] + +Enhancements +^^^^^^^^^^^^ + +* Add delete() function to client for DELETE REST API requests. (`a8cdc82 <https://github.com/aristanetworks/cvprac/commit/a8cdc8274f7764021254bb1ffa87d26d368a8393>`_) [`mharista <https://github.com/mharista>`_] +* Add new API version (v4) for new CVP version 2020.2. (`546a119 <https://github.com/aristanetworks/cvprac/commit/546a1192e70ed9b77615a41837fecbeb729ca371>`_) [`mharista <https://github.com/mharista>`_] +* Update delete_devices() function for new CVP version. (`819c073 <https://github.com/aristanetworks/cvprac/commit/819c073bb60696ced61cf128348e59919dd0b3fa>`_) [`mharista <https://github.com/mharista>`_] +* Update get_device_configuration() function for new CVP version. (`9ef992a <https://github.com/aristanetworks/cvprac/commit/9ef992a4f08f67d79d0899d3627a240ca1f90621>`_) [`mharista <https://github.com/mharista>`_] +* Update apiversion variable to be float instead of string for better conditional handling. (`425f395 <https://github.com/aristanetworks/cvprac/commit/425f3959944c685e6698220e9f213631ca61679c>`_) [`mharista <https://github.com/mharista>`_] +* Add initial CVaaS support for CVP local users. (`3c28251 <https://github.com/aristanetworks/cvprac/commit/3c28251f3bb16fc26901318ecbf554ce324082d9>`_) [`mharista <https://github.com/mharista>`_] +* Improve efficiency of get_inventory() by removing extra API calls. (`b9c0e69 <https://github.com/aristanetworks/cvprac/commit/b9c0e6909296e851468ba55c45938575cda3e6d6>`_) [`mharista <https://github.com/mharista>`_] +* Improve efficiency of get_containers() function and add support for using CVaaS API token. (`82effac <https://github.com/aristanetworks/cvprac/commit/82effac800ea4cc855f5309c0b4baa490df77b88>`_) [`mharista <https://github.com/mharista>`_] +* Update documentation with API version handling info and different connection type examples. (`c714262 <https://github.com/aristanetworks/cvprac/commit/c714262290bab2752a64046f1d0955439b7ba94c>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fix issue with different field parameters in image object vs image bundle object. (`7d1b845 <https://github.com/aristanetworks/cvprac/commit/7d1b84522413b21180033cfda945ad25d62a3f30>`_) [`mharista <https://github.com/mharista>`_] +* Fix issue with 'errorCode' string being in request response text. (`7ea6570 <https://github.com/aristanetworks/cvprac/commit/7ea657013ea3f8bb9007d1e926458209254b4cc9>`_) [`mharista <https://github.com/mharista>`_] diff --git a/docs/release-notes-1.0.5.rst b/docs/release-notes-1.0.5.rst new file mode 100644 index 0000000..9cb1b44 --- /dev/null +++ b/docs/release-notes-1.0.5.rst @@ -0,0 +1,16 @@ +###### +v1.0.5 +###### + +2021-2-11 + +Enhancements +^^^^^^^^^^^^ + +* Never fallback to HTTP in case of connection failure. (`c2e6d97 <https://github.com/aristanetworks/cvprac/commit/c2e6d9770efb5eb56e3c4519db22281f6845b6c1>`_) [`freedge <https://github.com/freedge>`_] +* Add client handling for CVP 2020.3. Update get_logs_by_id for CVP 2020.3. (`ac23188 <https://github.com/aristanetworks/cvprac/commit/ac2318890dfd3af437411363d3b782a9d28dfac7>`_) [`mharista <https://github.com/mharista>`_] +* Add more detailed docstring to check_compliance function. (`e1ad7e8 <https://github.com/aristanetworks/cvprac/commit/e1ad7e813a6c7e557c27e068591ae7a9e527927f>`_) [`mharista <https://github.com/mharista>`_] +* Update get_device_by_name and get_device_by_mac to use search_topology instead of get_inventory. (`a2b35cb <https://github.com/aristanetworks/cvprac/commit/a2b35cb0609957b6178c549fb6a33e6eb59eeb5e>`_) [`mharista <https://github.com/mharista>`_] +* Add general support for using api tokens for access to REST API. (`409b68d <https://github.com/aristanetworks/cvprac/commit/409b68d905850bd471b0355b2574cf4497579ada>`_) [`mharista <https://github.com/mharista>`_] +* Updated/Enhanced user APIs. (`0c652ea <https://github.com/aristanetworks/cvprac/commit/0c652ea850c9bd4565c5e0f10f1161ae9984cc3f>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Update approve_change_control to provide current time timestamp as default. (`fb13861 <https://github.com/aristanetworks/cvprac/commit/fb1386121b0114bfa06134f7dff4a4efa77a93b6>`_) [`colinmacgiolla <https://github.com/colinmacgiolla>`_] diff --git a/docs/release-notes-1.0.6.rst b/docs/release-notes-1.0.6.rst new file mode 100644 index 0000000..de52e0a --- /dev/null +++ b/docs/release-notes-1.0.6.rst @@ -0,0 +1,26 @@ +###### +v1.0.6 +###### + +2021-5-17 + +New Modules +^^^^^^^^^^^ + +* Added API method update_configlet_builder and test. (`a32dd7a <https://github.com/aristanetworks/cvprac/commit/a32dd7ae00f73d887eb7ae06635c0102be80945d>`_) [`dbm79 <https://github.com/dbm79>`_] +* Added function and test for API endpoint updateReconcileConfiglet.do. (`7e90de9 <https://github.com/aristanetworks/cvprac/commit/7e90de90c416c7dce750e1e9ae2928794efc2b1f>`_) [`mharista <https://github.com/mharista>`_] + +Enhancements +^^^^^^^^^^^^ + +* Add client handling for new resource API REST bindings that return multiple objects in response data. (`bea2d28 <https://github.com/aristanetworks/cvprac/commit/bea2d282093ceb10085e158acd76ed20c12ae485>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fix client logout function to use cvprac client post function instead of session post function. (`abaf257 <https://github.com/aristanetworks/cvprac/commit/abaf2577afb5b9b5e9d99a6b848ca2e987c22e66>`_) [`mharista <https://github.com/mharista>`_] +* Mask localhost/127.0.0.1 with node IP for configlet builder scripts. (`d45ac6e <https://github.com/aristanetworks/cvprac/commit/d45ac6e06394c05bb4c5584a14f262e3c814eef5>`_) [`Rajat Bajaj <https://github.com>`_] +* Updating info string to tackle backend inconsistent state when moving devices from the Undefined container. (`82ea8b9 <https://github.com/aristanetworks/cvprac/commit/82ea8b922c57bb86719351c55a2f8a671d49e0db>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Remove CVaaS un/pw login. Only API tokens for CVaaS now. (`f9fd6b5 <https://github.com/aristanetworks/cvprac/commit/f9fd6b51698de9afcb6112c0180185a6e76f4e5c>`_) [`mharista <https://github.com/mharista>`_] +* Update redundant functions to self reference. (`0095b00 <https://github.com/aristanetworks/cvprac/commit/0095b0001839723680caea62323cae56a130ad32>`_) [`mharista <https://github.com/mharista>`_] +* Add exception when attempting to delete container with children for CVP versions 2020.1 and beyond. (`35bb566 <https://github.com/aristanetworks/cvprac/commit/35bb56609d6d986b11dff11b4454e2cdc120ccd9>`_) [`mharista <https://github.com/mharista>`_] diff --git a/docs/release-notes-1.0.7.rst b/docs/release-notes-1.0.7.rst new file mode 100644 index 0000000..137ad10 --- /dev/null +++ b/docs/release-notes-1.0.7.rst @@ -0,0 +1,19 @@ +###### +v1.0.7 +###### + +2021-7-1 + +New Modules +^^^^^^^^^^^ + +* Added new method for searching for a device by serial_number. (`f23e154 <https://github.com/aristanetworks/cvprac/commit/f23e154cb8c0ed33b8fd988f54b298963d191fd0>`_) [`titom73 <https://github.com/titom73>`_] + +Enhancements +^^^^^^^^^^^^ + +* Added form parameter to update_configlet_builder function. (`e5e3719 <https://github.com/aristanetworks/cvprac/commit/e5e37199647d70e9efdef844b17ce1ca88103db2>`_) [`mharista <https://github.com/mharista>`_] +* Added parameter to apply_configlets_to_device for reordering existing configlets. (`6681800 <https://github.com/aristanetworks/cvprac/commit/66818006c221ea56db7393aabb7805ed0275cf53>`_) [`mharista <https://github.com/mharista>`_] +* Added documentation examples of cvprac usage in docs/labs. (`b1c3443 <https://github.com/aristanetworks/cvprac/commit/b1c34433636958a2c3ab115a61d9dcec0f21ad80>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Added support for searching by hostname to get_device_by_name. (`1eb08cb <https://github.com/aristanetworks/cvprac/commit/1eb08cbaf19d6723bbff0ef600b5beaaffa86b40>`_) [`titom73 <https://github.com/titom73>`_] +* Added lab example for saving topology with specific tempaction data. (`f3282a2 <https://github.com/aristanetworks/cvprac/commit/f3282a29a1b6f5acd81d3c0b24be5eb3b3ce89c9>`_) [`noredistribution <https://github.com/noredistribution>`_] diff --git a/docs/release-notes-1.2.0.rst b/docs/release-notes-1.2.0.rst new file mode 100644 index 0000000..1bc4db9 --- /dev/null +++ b/docs/release-notes-1.2.0.rst @@ -0,0 +1,33 @@ +###### +v1.2.0 +###### + +2022-5-20 + +New Modules +^^^^^^^^^^^ + +* Added new method for creating TerminAttr enrollment token. (`9bf409b <https://github.com/aristanetworks/cvprac/commit/9bf409b864774490dabac6fdcef24dc3735ad240>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Added new methods for managing tags and workspaces. (`e0b8185 <https://github.com/aristanetworks/cvprac/commit/e0b818597b78345759be20b3319c3d574e56f732>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Additional methods for managing workspaces. (`71eea87 <https://github.com/aristanetworks/cvprac/commit/71eea87a012950165f7e87b2bb8b83556da5b4bf>`_) [`mharista <https://github.com/mharista>`_] +* Added new methods for change control resource APIs. (`d0b1916 <https://github.com/aristanetworks/cvprac/commit/d0b19164012fc6358fb71bdba21ebd44ec126ca2>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Added new methods for change control scheduling and device decommissioning. (`370d02f <https://github.com/aristanetworks/cvprac/commit/370d02fe8a33436337d0866d54a0201f76a5c44b>`_) [`noredistribution <https://github.com/noredistribution>`_] + +Enhancements +^^^^^^^^^^^^ + +* Added ability to run change control tasks sequentially or in parallel. (`5fd48d5e <https://github.com/aristanetworks/cvprac/commit/5fd48d5e33b6f657650b6bde949e202ba644776c>`_) [`mharista <https://github.com/mharista>`_] +* Improved system test setup and base classes. (`36029b5 <https://github.com/aristanetworks/cvprac/commit/36029b5c0f5d47b6cddeca89b33380afb69f2ec2>`_) [`KonikaChaurasiya-GSLab <https://github.com/KonikaChaurasiya-GSLab>`_] +* Do not run getConfigletByName for every configlet to make get_configlets more efficient. (`3c1a3eb <https://github.com/aristanetworks/cvprac/commit/3c1a3eb2ae9ebe2ae3f07835ac86cdbd33d34baa>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Added system tests for new change control resource APIs and more system test infrastructure enhancements. (`4564ef3 <https://github.com/aristanetworks/cvprac/commit/4564ef327f1b8abd743adb791ed742d586fc5587>`_) [`KonikaChaurasiya-GSLab <https://github.com/KonikaChaurasiya-GSLab>`_] +* Added system test for new decommission device APIs. (`4fd4b7f <https://github.com/aristanetworks/cvprac/commit/4fd4b7f476ca08323fdf4c96df41665e7f78ec96>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Documentation format updates. (`ac4f2ff <https://github.com/aristanetworks/cvprac/commit/ac4f2ff8f45fd68b42a5ce8b68e0a565e9dbe8a8>`_) [`tgodaA <https://github.com/tgodaA>`_] +* Assorted system test format updates for various CVP versions support. +* Added support for CVP versions up to CVP 2022.1.0. + +Fixed +^^^^^ + +* Removed timestamp variable declaration from approve change control function. (`2b1e6ac <https://github.com/aristanetworks/cvprac/commit/2b1e6ac44fbc912ea60841eb10ab2d19b1f59c65>`_) [`mharista <https://github.com/mharista>`_] +* Add wrapper function for validate_config that will return the full response data structure. (`0540c7a <https://github.com/aristanetworks/cvprac/commit/0540c7ac64cba0b6a8ad4de00f828519d1d5f557>`_) [`mharista <https://github.com/mharista>`_] +* Fix request headers for CVaaS. (`f57ea4e <https://github.com/aristanetworks/cvprac/commit/f57ea4e6089130eccbc91f6831fbb3d2054020af>`_) [`mharista <https://github.com/mharista>`_] diff --git a/docs/release-notes-1.2.2.rst b/docs/release-notes-1.2.2.rst new file mode 100644 index 0000000..84b8e39 --- /dev/null +++ b/docs/release-notes-1.2.2.rst @@ -0,0 +1,26 @@ +###### +v1.2.2 +###### + +2022-10-6 + +New Modules +^^^^^^^^^^^ + +* Add function for getUsers API. (`203 <https://github.com/aristanetworks/cvprac/pull/203>`_) [`mharista <https://github.com/mharista>`_] +* Added service account Resource APIs. (`208 <https://github.com/aristanetworks/cvprac/pull/208>`_) [`noredistribution <https://github.com/noredistribution>`_] + +Enhancements +^^^^^^^^^^^^ + +* Updated and added examples. (`205 <https://github.com/aristanetworks/cvprac/pull/205>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Update documentation for PR semantics. (`206 <https://github.com/aristanetworks/cvprac/pull/206>`_) [`tgodaA <https://github.com/tgodaA>`_] +* Update development tools. (`209 <https://github.com/aristanetworks/cvprac/pull/209>`_) [`mharista <https://github.com/mharista>`_] +* Update system tests for CVP 2022.2.0 support. (`2fcf3d2 <https://github.com/aristanetworks/cvprac/commit/2fcf3d2ea409ede5ff1389fccfced773d1806d54>`_) [`mharista <https://github.com/mharista>`_] +* Simplified CVP version handling. (`211 <https://github.com/aristanetworks/cvprac/pull/211>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Raise error for JSON decoding when incomplete block is found. (`202 <https://github.com/aristanetworks/cvprac/pull/202>`_) [`mharista <https://github.com/mharista>`_] +* Fixed issue with "data" key for Resource API GetAll calls that return a single object. (`215 <https://github.com/aristanetworks/cvprac/pull/215>`_) [`mharista <https://github.com/mharista>`_] diff --git a/docs/release-notes-1.3.0.rst b/docs/release-notes-1.3.0.rst new file mode 100644 index 0000000..1e9879c --- /dev/null +++ b/docs/release-notes-1.3.0.rst @@ -0,0 +1,30 @@ +###### +v1.3.0 +###### + +2023-2-28 + +New Modules +^^^^^^^^^^^ + +* Added functions for role APIs. (`238 <https://github.com/aristanetworks/cvprac/pull/238>`_) [`vmmor <https://github.com/vmmor>`_] +* Added support for proxies. (`243 <https://github.com/aristanetworks/cvprac/pull/243>`_) [`mharista <https://github.com/mharista>`_] + +Enhancements +^^^^^^^^^^^^ + +* Add timeouts as configurable parameters for system tests. (`228 <https://github.com/aristanetworks/cvprac/pull/228>`_) [`mharista <https://github.com/mharista>`_] +* Update delete_change_control() to call new Resource API endpoint for supported versions of CVP. (`230 <https://github.com/aristanetworks/cvprac/pull/230>`_) [`mharista <https://github.com/mharista>`_] + +Fixed +^^^^^ + +* Fixed format to allow usage of latest requests package. (`227 <https://github.com/aristanetworks/cvprac/pull/227>`_) [`mharista <https://github.com/mharista>`_] +* Fixed Service Account functions to use State endpoints instead of Config endpoints. (`235 <https://github.com/aristanetworks/cvprac/pull/235>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Handle case for get_parent_container_for_device() returning None within reset_device(). (`240 <https://github.com/aristanetworks/cvprac/pull/240>`_) [`Shivani-chourasiya <https://github.com/Shivani-chourasiya>`_] + +Documentation +^^^^^^^^^^^^^ + +* Add end to end provisioning example for ATD. (`229 <https://github.com/aristanetworks/cvprac/pull/229>`_) [`noredistribution <https://github.com/noredistribution>`_] +* Add example to list applied devices and containers for specified configlet. (`241 <https://github.com/aristanetworks/cvprac/pull/241>`_) [`noredistribution <https://github.com/noredistribution>`_] diff --git a/docs/release-notes-1.3.1.rst b/docs/release-notes-1.3.1.rst new file mode 100644 index 0000000..61dd723 --- /dev/null +++ b/docs/release-notes-1.3.1.rst @@ -0,0 +1,10 @@ +###### +v1.3.1 +###### + +2023-4-12 + +Fixed +^^^^^ + +* Add workaround for issue in CVP API validate config. (`248 <https://github.com/aristanetworks/cvprac/pull/248>`_) [`chetryan <https://github.com/chetryan>`_] diff --git a/pre-commit.sh b/pre-commit.sh new file mode 100755 index 0000000..e502166 --- /dev/null +++ b/pre-commit.sh @@ -0,0 +1,90 @@ +#!/bin/bash +# +# Called by "git commit". The hook will run several checks on the +# source-code. If it exits with a non-zero status, the commit will +# be halted. +# +# To enable this hook, link this file to ".git/hooks/pre-commit": +# ln -s ../../pre-commit.sh .git/hooks/pre-commit +# +RED='\033[1;31m' +GREEN='\033[1;32m' +NC='\033[0m' + +if git rev-parse --verify HEAD >/dev/null 2>&1 +then + against=HEAD +else + # Initial commit: diff against an empty tree object + against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 +fi + +# If you want to allow non-ASCII filenames set this variable to true. +allownonascii=$(git config --bool hooks.allownonascii) + +# Redirect output to stderr. +exec 1>&2 + +# Cross platform projects tend to avoid non-ASCII filenames; prevent +# them from being added to the repository. We exploit the fact that the +# printable range starts at the space character and ends with tilde. +if [ "$allownonascii" != "true" ] && + # Note that the use of brackets around a tr range is ok here, (it's + # even required, for portability to Solaris 10's /usr/bin/tr), since + # the square bracket bytes happen to fall in the designated range. + test $(git diff --cached --name-only --diff-filter=A -z ${against} | + LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0 +then + cat <<\EOF +Error: Attempt to add a non-ASCII file name. + +This can cause problems if you want to work with people on other platforms. + +To be portable it is advisable to rename the file. + +If you know what you are doing you can disable this check using: + + git config hooks.allownonascii true +EOF + exit 1 +fi + +# If there are whitespace errors, print the offending file names and fail. +git diff-index --check --cached $against -- + +err=0 +msg='' + +run(){ + tmp=$(mktemp -t cv-precommit) + echo -n "Running '${*}': " + "$@" >"$tmp" 2>&1 + ret=$? + if [ $ret != 0 ]; then + let "err = $err + $ret" + msg="${msg}\n\t'${*}' failed" + echo -e "${RED}FAILED${NC}" + echo "Tried: ${*}" + cat "$tmp" + rm -f "$tmp" + else + echo -e "${GREEN}PASSED${NC}" + fi + return $ret +} + +START_TIME=$SECONDS +run make check +run make pep8 +run make pyflakes +run make pylint + +DURATION=$((SECONDS - START_TIME)) +echo "pre-commit checks took ${DURATION} seconds." +echo + +if [ ${err} != 0 ]; then + echo -e "${RED}ERROR: Some checks failed. Commit halted. [${err}]${NC}" + echo -e "${RED}Failed Tests: ${msg}${NC}" +fi +exit ${err} diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..9029d8d --- /dev/null +++ b/requirements.txt @@ -0,0 +1 @@ +requests[socks]>=2.27.0 diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..8c2c06b --- /dev/null +++ b/setup.py @@ -0,0 +1,124 @@ +# +# Copyright (c) 2016, Arista Networks, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# Neither the name of Arista Networks nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ARISTA NETWORKS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +""" This module provides a RESTful API client for Cloudvision(R) Portal (CVP) + which can be used for building applications that work with Arista CVP. +""" +import io +from os import path, walk + +try: + from setuptools import setup +except ImportError: + from distutils.core import setup + +from cvprac import __version__, __author__ + + +def find_modules(pkg): + ''' Return all modules from the pkg + ''' + modules = [pkg] + for dirname, dirnames, _ in walk(pkg): + for subdirname in dirnames: + modules.append(path.join(dirname, subdirname)) + return modules + + +def get_long_description(): + ''' Get the long description from README.rst if it exists. + Null string is returned if README.rst is non-existent + ''' + long_description = '' + here = path.abspath(path.dirname(__file__)) + try: + with io.open(path.join(here, 'README.md'), encoding='utf-8') as file_hdl: + long_description = file_hdl.read() + except IOError: + pass + return long_description + + +setup( + name='cvprac', + version=__version__, + description='Arista Cloudvision(R) Portal Rest API Client written in python', + long_description=get_long_description(), + long_description_content_type='text/markdown', + author=__author__, + author_email='eosplus-dev@arista.com', + url='https://github.com/aristanetworks/cvprac', + download_url='https://github.com/aristanetworks/cvprac/tarball/%s' % __version__, + license='BSD-3', + packages=find_modules('cvprac'), + + # See https://pypi.python.org/pypi?%3Aaction=list_classifiers + classifiers=[ + # How mature is this project? Common values are + # 3 - Alpha + # 4 - Beta + # 5 - Production/Stable + 'Development Status :: 4 - Beta', + + # Indicate who your project is intended for + 'Intended Audience :: Developers', + 'Intended Audience :: System Administrators', + + 'Topic :: Software Development :: Libraries', + 'Topic :: Software Development :: Libraries :: Python Modules', + 'Topic :: System :: Networking', + + # Pick your license as you wish (should match "license" above) + 'License :: OSI Approved :: BSD License', + + # Specify the Python versions you support here. In particular, ensure + # that you indicate whether you support Python 2, Python 3 or both. + 'Programming Language :: Python :: 2', + 'Programming Language :: Python :: 2.7', + ], + + # What does your project relate to? + keywords='networking CloudVision development rest api', + + # List run-time dependencies here. These will be installed by pip when + # your project is installed. For an analysis of "install_requires" vs pip's + # requirements files see: + # https://packaging.python.org/en/latest/requirements.html + install_requires=['requests[socks]>=2.27.0'], + + # List additional groups of dependencies here (e.g. development + # dependencies). You can install these using the following syntax, + # for example: + # $ pip install -e .[dev] + extras_require={ + 'dev': ['check-manifest', 'pep8', 'pyflakes', 'pylint', 'coverage', + 'pyyaml'], + }, +) |