-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable backup for Check Point Gaia via netmiko #166
base: develop
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay, here's the initial thoughts
docs/task/task.md
Outdated
|
||
|
||
## Dispatcher Configuration for Nautobot Golden Config | ||
|
||
here are the steps needed to configure dispatchers for Nautobot Golden Config. | ||
|
||
### checkpoint_gaia | ||
|
||
This section describes the **checkpoint_gaia** dispatcher that provides backup functionality for Check Point firewalls. | ||
|
||
To configure the dispatcher for Nautobot Golden Config, follow these steps: | ||
|
||
1. Go to **Nautobot / Admin / Configuration**. | ||
2. In the **Golden Configuration** section, set the default framework to `"checkpoint_gaia": "netmiko"`. | ||
|
||
Here is an example of the configuration in JSON format: | ||
|
||
```json | ||
{ | ||
"all": "napalm", | ||
"checkpoint_gaia": "netmiko" | ||
} | ||
``` | ||
|
||
3. Add the Platform **checkpoint_gaia** to the **Platform** model in the Nautobot admin interface. | ||
|
||
- **Name**: "checkpoint_gaia" | ||
- **Network driver**: "checkpoint_gaia" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We cover this in a few other places, nautobot-plugin-nornir specifically. I'd say we delete this from here.
from nornir_nautobot.plugins.tasks.dispatcher.default import NapalmDefault, NetmikoDefault | ||
from nornir_nautobot.exceptions import NornirNautobotException | ||
|
||
NETMIKO_DEVICE_TYPE = "linux" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In theory this will come directly from the nornir inventory in the platform definition. Would like to avoid hardcoding it here.
@classmethod | ||
def get_config( # pylint: disable=R0913,R0914 | ||
cls, task: Task, logger, obj, backup_file: str, remove_lines: list, substitute_lines: list | ||
) -> Result: | ||
"""Get the latest configuration from the device. | ||
|
||
Args: | ||
task (Task): Nornir Task. | ||
logger (logging.Logger): Logger that may be a Nautobot Jobs or Python logger. | ||
obj (Device): A Nautobot Device Django ORM object instance. | ||
backup_file (str): The file location of where the back configuration should be saved. | ||
remove_lines (list): A list of regex lines to remove configurations. | ||
substitute_lines (list): A list of dictionaries with to remove and replace lines. | ||
|
||
Returns: | ||
Result: Nornir Result object with a dict as a result containing the running configuration | ||
{ "config: <running configuration> } | ||
""" | ||
try: | ||
task.host.platform = NETMIKO_DEVICE_TYPE | ||
result = super().get_config( | ||
task, | ||
logger, | ||
obj, | ||
backup_file, | ||
remove_lines, | ||
substitute_lines, | ||
) | ||
return result | ||
except Exception as exc: | ||
error_msg = f"Failed to get configuration from {task.host.name} on {task.host.platform}" | ||
raise NornirNautobotException(error_msg) from exc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't believe any of this is needed. The overload of the config_command
should be all that is needed. Like i said in previous comment, the task.host.platform should be sent in the nautobot-plugin-nornir dynamic inventory creation which is based on network_driver set in nautobot and there are other facilities to overwrite that from nautobot admin panel.
@jifox do you have any suggestions for easy ways to test this if we try to pick it up and make the necessary changes to get it merged? I don't believe we have access to any checkpoint firewalls to test today. |
Hi @gsnider2195 Maybe you can use a virtual checkpoint for testing. https://www.checkpoint.com/trials/ |
Co-authored-by: Jeff Kala <[email protected]>
Closes #165