salt.proxy.cisconso

Proxy Minion interface module for managing (practically) any network device with Cisco Network Services Orchestrator (Cisco NSO). Cisco NSO uses a series of remote polling agents, APIs and SSH commands to fetch network configuration and represent it in a data model. PyNSO, the Python module used by this proxy minion does the task of converting native Python dictionaries into NETCONF/YANG syntax that the REST API for Cisco NSO can then use to set the configuration of the target network device.

Supported devices:

A10 AX Series
Arista 7150 Series
Ciena 3000, 5000, ESM
H3c S5800 Series
Overture 1400, 2200, 5000, 5100, 6000
Accedian MetroNID
Avaya ERS 4000, SR8000, VSP 9000
Cisco: APIC-DC, ASA, IOS, IOS XE, IOS XR, er, ME-4600, NX OS,

Prime Network Registrar, Quantum, StarOS, UCS ManagWSA
Huawei: NE40E, quidway series, Enterprise Network Simulation Framework
PaloAlto PA-2000, PA-3000, Virtualized Firewalls
Adtran 900 Series
Brocade ADX, MLX, Netiron, Vyatta
Dell Force 10 Networking S-Series
Infinera DTN-X Multi-Terabit Packet Optical Network Platform
Pulsecom SuperG
Adva 150CC Series
CableLabs Converged Cable Access Platform
Ericsson EFN324 Series, SE family
Juniper: Contrail, EX, M, MX, QFX, SRX, Virtual SRX
Quagga Routing Software
Affirmed Networks
Citrix Netscaler
F5 BIG-IP
NEC iPasolink
Riverbed Steelhead Series
Alcatel-Lucent 7XXX, SAM
Clavister
Fortinet
Nominum DCS
Sonus SBC 5000 Series
Allied Telesys
Open vSwitch

New in version 2016.11.0.

codeauthor: Anthony Shaw <[email protected]>

This proxy minion enables a consistent interface to fetch, control and maintain the configuration of network devices via a NETCONF-compliant control plane. Cisco Network Services Orchestrator.

More in-depth conceptual reading on Proxy Minions can be found in the Proxy Minion section of Salt's documentation.

Dependencies

pynso Python module

PyNSO

PyNSO can be installed via pip:

pip install pynso

Configuration

To use this integration proxy module, please configure the following:

Pillar

Proxy minions get their configuration from Salt's Pillar. Every proxy must have a stanza in Pillar and a reference in the Pillar top-file that matches the ID. At a minimum for communication with the NSO host, the pillar should look like this:

proxy:
  proxytype: cisconso
  host: <ip or dns name of host>
  port: 8080
  use_ssl: false
  username: <username>
  password: password

proxytype

The proxytype key and value pair is critical, as it tells Salt which interface to load from the proxy directory in Salt's install hierarchy, or from /srv/salt/_proxy on the Salt Master (if you have created your own proxy module, for example). To use this Cisco NSO Proxy Module, set this to cisconso.

host

The location, or IP/dns, of the Cisco NSO API host. Required.

username

The username used to login to the Cisco NSO host, such as admin. Required.

passwords

The password for the given user. Required.

use_ssl

Whether to use HTTPS messaging to speak to the API.

port

The port that the Cisco NSO API is running on, 8080 by default

Salt Proxy

After your pillar is in place, you can test the proxy. The proxy can run on any machine that has network connectivity to your Salt Master and to the Cisco NSO host in question. SaltStack recommends that the machine running the salt-proxy process also run a regular minion, though it is not strictly necessary.

On the machine that will run the proxy, make sure there is an /etc/salt/proxy file with at least the following in it:

master: <ip or hostname of salt-master>

You can then start the salt-proxy process with:

salt-proxy --proxyid <id you want to give the host>

You may want to add -l debug to run the above in the foreground in debug mode just to make sure everything is OK.

Next, accept the key for the proxy on your salt-master, just like you would for a regular minion:

salt-key -a <id you gave the cisconso host>

You can confirm that the pillar data is in place for the proxy:

salt <id> pillar.items

And now you should be able to ping the Cisco NSO host to make sure it is responding:

salt <id> test.ping

salt.proxy.cisconso.apply_rollback(datastore, name)

Apply a system rollback

Parameters

datastore (DatastoreType (str enum).) -- The datastore, e.g. running, operational. One of the NETCONF store IETF types
name (str) -- an ID of the rollback to restore

salt.proxy.cisconso.get_data(datastore, path)

Get the configuration of the device tree at the given path

Parameters

datastore (DatastoreType (str enum).) -- The datastore, e.g. running, operational. One of the NETCONF store IETF types
path (list of str OR tuple) -- The device path, a list of element names in order, comma separated

Returns

The network configuration at that tree

Return type

dict

salt cisco-nso cisconso.get_data devices

salt.proxy.cisconso.get_rollback(name)

Get the backup of stored a configuration rollback

Parameters: name (str) -- Typically an ID of the backup
Return type: str
Returns: the contents of the rollback snapshot

salt.proxy.cisconso.get_rollbacks()

Get a list of stored configuration rollbacks

salt.proxy.cisconso.grains()

Get the grains from the proxy device.

salt.proxy.cisconso.init(opts)

salt.proxy.cisconso.ping()

Check to see if the host is responding. Returns False if the host didn't respond, True otherwise.

CLI Example:

salt cisco-nso test.ping

salt.proxy.cisconso.set_data_value(datastore, path, data)

Get a data entry in a datastore

Parameters

datastore (DatastoreType (str enum).) -- The datastore, e.g. running, operational. One of the NETCONF store IETF types
path (list of str OR tuple) -- The device path to set the value at, a list of element names in order, comma separated
data (dict) -- The new value at the given path

Return type

bool

Returns

True if successful, otherwise error.

salt.proxy.cisconso.shutdown()

Shutdown the connection to the proxy device. For this proxy, shutdown is a no-op.

© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/proxy/all/salt.proxy.cisconso.html