Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable backup for Check Point Gaia via netmiko #166

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from

Conversation

jifox
Copy link

@jifox jifox commented Jul 14, 2024

Closes #165

Copy link
Contributor

@jeffkala jeffkala left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the delay, here's the initial thoughts

Comment on lines 113 to 140


## Dispatcher Configuration for Nautobot Golden Config

here are the steps needed to configure dispatchers for Nautobot Golden Config.

### checkpoint_gaia

This section describes the **checkpoint_gaia** dispatcher that provides backup functionality for Check Point firewalls.

To configure the dispatcher for Nautobot Golden Config, follow these steps:

1. Go to **Nautobot / Admin / Configuration**.
2. In the **Golden Configuration** section, set the default framework to `"checkpoint_gaia": "netmiko"`.

Here is an example of the configuration in JSON format:

```json
{
"all": "napalm",
"checkpoint_gaia": "netmiko"
}
```

3. Add the Platform **checkpoint_gaia** to the **Platform** model in the Nautobot admin interface.

- **Name**: "checkpoint_gaia"
- **Network driver**: "checkpoint_gaia"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We cover this in a few other places, nautobot-plugin-nornir specifically. I'd say we delete this from here.

docs/task/task.md Outdated Show resolved Hide resolved
from nornir_nautobot.plugins.tasks.dispatcher.default import NapalmDefault, NetmikoDefault
from nornir_nautobot.exceptions import NornirNautobotException

NETMIKO_DEVICE_TYPE = "linux"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In theory this will come directly from the nornir inventory in the platform definition. Would like to avoid hardcoding it here.

Comment on lines +20 to +51
@classmethod
def get_config( # pylint: disable=R0913,R0914
cls, task: Task, logger, obj, backup_file: str, remove_lines: list, substitute_lines: list
) -> Result:
"""Get the latest configuration from the device.

Args:
task (Task): Nornir Task.
logger (logging.Logger): Logger that may be a Nautobot Jobs or Python logger.
obj (Device): A Nautobot Device Django ORM object instance.
backup_file (str): The file location of where the back configuration should be saved.
remove_lines (list): A list of regex lines to remove configurations.
substitute_lines (list): A list of dictionaries with to remove and replace lines.

Returns:
Result: Nornir Result object with a dict as a result containing the running configuration
{ "config: <running configuration> }
"""
try:
task.host.platform = NETMIKO_DEVICE_TYPE
result = super().get_config(
task,
logger,
obj,
backup_file,
remove_lines,
substitute_lines,
)
return result
except Exception as exc:
error_msg = f"Failed to get configuration from {task.host.name} on {task.host.platform}"
raise NornirNautobotException(error_msg) from exc
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't believe any of this is needed. The overload of the config_command should be all that is needed. Like i said in previous comment, the task.host.platform should be sent in the nautobot-plugin-nornir dynamic inventory creation which is based on network_driver set in nautobot and there are other facilities to overwrite that from nautobot admin panel.

@gsnider2195
Copy link

@jifox do you have any suggestions for easy ways to test this if we try to pick it up and make the necessary changes to get it merged? I don't believe we have access to any checkpoint firewalls to test today.

@jifox
Copy link
Author

jifox commented Dec 13, 2024

Hi @gsnider2195

Maybe you can use a virtual checkpoint for testing. https://www.checkpoint.com/trials/

Co-authored-by: Jeff Kala <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Enable backup for Check Point Gaia via netmiko
4 participants