Closed Qalthos closed 6 years ago
is this proposal only in the context of Arista?
Just wanted to point to a PR that I have been working on that will enable creating a Request
object, that can handle cookies/headers/etc from a global perspective across multiple requests.
I believe the Request
PR can improve functionality in such a plugin as mentioned here.
@Qalthos i have some questions / doubts that his will be generic enough to be handled in the connection plugin if we are targetting any request of http.
build_request(self, commands, output_format, **kwargs) returns a tuple of (data, headers) suitable for being used with open_url()
This method would only be uses in specific instances of network devices sending CLI commands and would be better handled in a plugin that provides messaging structure. That would allow the connection plugin here to be generic enough to handle all http transport use cases as discussed https://github.com/ansible/proposals/issues/102#issuecomment-377630313
@caphrim007 Not exactly. This proposal covers eAPI as the first consumer of the plugin (and to reuse as much as possible from #102), but if you have needs not covered by the Problems heading, please note them here so that can be tracked.
@sivel That PR looks like it would make this a lot easier, yes.
@Qalthos most of the items in the Problems section are also applicable to F5. Additionally, I would include
The reason for the above is that some of the work I need to do involves the device actually rebooting, and I cant have the module fail with a connection terminated when that happens.
Proposals that try to solve similar or related issues:
auth plugins #24 stackable connection plugins #25 special namespaced credential vars #81 cloud shared credentials #90
@caphrim007 I can add that detail. Connections already have a reset()
method, which I have neglected t add, which in this case would just call close()
@Qalthos does the reset work from inside the module itself? Would it handle an authentication case where,
Based on conversations with @privateip, I've reorganized the flow of this proposal to try to reduce the need to copy network_cli
so closely.
@caphrim007 Yes, clearing that header and indicating that it should be re-acquired is one of the two functions of close
, along with closing the persistent connection socket. This will force connect()
to be called again on next use, which should restore the information.
Proposal: HTTP(S)-transport connection plugin
Author: Nathaniel Case <@Qalthos>
Date: 2018-04-10
Motivation
Implement a first order connection plugin like
connection: network_cli
&connection: netconf
for HTTP(S) transports. Allows full deprecation ofconnection: local
&provider:
for network devices with eAPI and NX-API implementations. This proposal covers the connection plugin and creation of an eAPI implementation plugin, replacing #102Problems
connection: local
andprovider
so I can use basic Ansible connection options instead, including specifying http(s) port and encrypted or non-encrypted transport type (HTTP/HTTPS)connection: local
to continue to function as before without user interventionSolution proposal
This connection plugin works in concert with a new API plugin system that determines the specifics of the API in question. This new plugin has the following method:
send_request(self, data, **message_kwargs)
data
should correspond to the actual message being sent to the devicemessage_kwargs
should specify how the message is sent. This will vary according to the particular API in use, but might include message type, destination, or optional headersdata
and**message_kwargs
are interpreted to create a payload to send over HTTPsend()
method, defined below.Additionally, there is an optional
login(self)
method which can be used to acquire auth tokens. This method should callconnection.send()
with the apropriate parameters.The connection plugin itself works like the existing
network_cli
andnetconf
plugins, and is tasked with maintaining the session information for the module.network_os
is setcliconf
plugin, if one exists_connect(self)
is calledlogin()
method_connected
to indicate connection is validclose(self)
is called_connected
reset(self)
callsclose()
ifsocket_path
is setput_file
,fetch_file
, andexec_command
all redirect to an internallocal
connection, to allow non-networking modules to function on the local host, as is done in existing network connection plugins.__getattr__
is defined so method calls made to the connection plugin not defined in the connection plugin will search first the registered API plugin, then the registered cliconf plugin, if one exists, for like-named methods to execute. In this way, the methods of those plugins are available to consumers of the connection plugin.send(self, path, data, **request_kwargs)
is calledrequest_kwargs
{protocol}://{host}:{port}/{path}
.protocol
is'https'
if connection optionuse_ssl
is true (default), otherwise'http'
open_url(url, data, **request_args)
is calledFinally, some changes to the eos and nxos cliconf plugins will be necessary to use
send_request
instead ofsend
when communicating over this new connection plugin. This is to allow using the cliconf plugin without overly burdening the API plugins with an interface designed for command-driven connectionsTesting
connection: local
tests to single test covering both transportsDocumentation
connection: local
connection: local
with the new connection typebecome
guide should be updated to include the new connection type