salt.proxy.napalm
NAPALM: Network Automation and Programmability Abstraction Layer with Multivendor support
New in version 2016.11.0.
Proxy minion for managing network devices via NAPALM library.
- codeauthor
-
Mircea Ulinic <ping@mirceaulinic.net> & Jerome Fleury <jf@cloudflare.com>
- maturity
-
new
- depends
-
napalm
- platform
-
unix
Dependencies
The napalm
proxy module requires NAPALM library to be installed: pip install napalm
Please check Installation for complete details.
Note
Beginning with Salt release 2017.7.3, it is recommended to use napalm
>= 2.0.0
. The library has been unified into a monolithic package, as in opposite to separate packages per driver. For more details you can check this document. While it will still work with the old packages, bear in mind that the NAPALM core team will maintain only the main napalm
package.
Moreover, for additional capabilities, the users can always define a library that extends NAPALM's base capabilities and configure the provider
option (see below).
Pillar
The napalm proxy configuration requires the following parameters in order to connect to the network device:
- driver
-
Specifies the network device operating system. For a complete list of the supported operating systems please refer to the NAPALM Read the Docs page.
- host
-
The IP Address or FQDN to use when connecting to the device. Alternatively, the following field names can be used instead:
hostname
,fqdn
,ip
. - username
-
The username to be used when connecting to the device.
- passwd
-
The password needed to establish the connection.
Note
This field may not be mandatory when working with SSH-based drivers, and the username has a SSH key properly configured on the device targeted to be managed.
- optional_args
-
Dictionary with the optional arguments. Check the complete list of supported optional arguments.
- always_alive:
True
-
In certain less dynamic environments, maintaining the remote connection permanently open with the network device is not always beneficial. In that case, the user can select to initialize the connection only when needed, by specifying this field to
false
. Default:true
(maintains the connection with the remote network device).New in version 2017.7.0.
- provider:
napalm_base
-
The library that provides the
get_network_device
function. This option is useful when the user has more specific needs and requires to extend the NAPALM capabilities using a private library implementation. The only constraint is that the alternative library needs to have theget_network_device
function available.New in version 2017.7.1.
- multiprocessing:
False
-
Overrides the
multiprocessing
option, per proxy minion. Themultiprocessing
option must be turned off for SSH-based proxies. However, some NAPALM drivers (e.g. Arista, NX-OS) are not SSH-based. As multiple proxy minions may share the same configuration file, this option permits the configuration of themultiprocessing
option more specifically, for some proxy minions.New in version 2017.7.2.
Proxy pillar file example:
proxy: proxytype: napalm driver: junos host: core05.nrt02 username: my_username passwd: my_password optional_args: port: 12201
Example using a user-specific library, extending NAPALM's capabilities, e.g. custom_napalm_base
:
proxy: proxytype: napalm driver: ios fqdn: cr1.th2.par.as1234.net username: salt password: '' provider: custom_napalm_base
See also
NAPALM grains: select network devices based on their characteristics
Network config state: Manage the configuration using arbitrary templates
NAPALM YANG state: Manage the configuration according to the YANG models (OpenConfig/IETF)
Network ACL module: Generate and load ACL (firewall) configuration
Note
Beginning with release codename 2019.2.0, any NAPALM command executed when running under a NAPALM Proxy Minion supports the force_reconnect
magic argument.
Proxy Minions generally establish a connection with the remote network device at the time of the Minion startup and that connection is going to be used forever.
If one would need execute a command on the device but connecting using different parameters (due to various causes, e.g., unable to authenticate the user specified in the Pillar as the authentication system - say TACACS+ is not available, or the DNS resolver is currently down and would like to temporarily use the IP address instead, etc.), it implies updating the Pillar data and restarting the Proxy Minion process restart. In particular cases like that, you can pass the force_reconnect=True
keyword argument, together with the alternative connection details, to enforce the command to be executed over a separate connection.
For example, if the usual command is salt '*' net.arp
, you can use the following to connect using a different username instead: salt '*' net.arp username=my-alt-usr force_reconnect=True
.
-
Return the connection status with the remote device.
New in version 2017.7.0.
salt.proxy.napalm.alive(opts)
-
Calls a specific method from the network driver instance. Please check the readthedocs page for the updated list of getters.
- Parameters
-
method -- specifies the name of the method to be called
params -- contains the mapping between the name and the values of the parameters needed to call the method
- Returns
-
A dictionary with three keys:
result (True/False): if the operation succeeded
out (object): returns the object as-is from the call
comment (string): provides more details in case the call failed
traceback (string): complete traceback in case of exception. Please submit an issue including this traceback on the correct driver repo and make sure to read the FAQ
Example:
__proxy__['napalm.call']('cli' **{ 'commands': [ 'show version', 'show chassis fan' ] })
salt.proxy.napalm.call(method, *args, **kwargs)
-
Method called by NAPALM grains module.
salt.proxy.napalm.fns()
-
Returns the network device object.
salt.proxy.napalm.get_device()
-
Retrieve facts from the network device.
salt.proxy.napalm.get_grains()
-
Refresh the grains.
salt.proxy.napalm.grains_refresh()
-
Opens the connection with the network device.
salt.proxy.napalm.init(opts)
-
Connection finished initializing?
salt.proxy.napalm.initialized()
-
Connection open successfully?
salt.proxy.napalm.ping()
-
Closes connection with the device.
salt.proxy.napalm.shutdown(opts)
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/proxy/all/salt.proxy.napalm.html