search

aristanetworks / avd

Arista Validated Designs
https://avd.arista.com
Apache License 2.0
285 stars 204 forks source link

Support for snmp-server host with snmp v1 and v2c #1033

Closed rainmanatee closed 3 years ago

rainmanatee commented 3 years ago

Issue Type

Summary

In eos_cli_config_gen snmp-settings.j2 does not properly render the snmp-server host command. The community string needs to be included in the command when the version is 1 or 2c.

Component Name

eos_cli_config_gen/templates/eos/snmp-settings.j2

Steps to reproduce

In SNMP Settings, under hosts, there is no facility to add communities, but these are a necessary component to the snmp-server host command if the snmp version is 1 or 2c:

DC2-SP01(s1)(config)#snmp-server host 1.1.1.1 vrf MGMT version 2c ?
  WORD  Community or user name

DC2-SP01(s1)(config)#snmp-server host 1.1.1.1 vrf MGMT version 2c
% Incomplete command
DC2-SP01(s1)(config)#snmp-server host 1.1.1.1 vrf MGMT version 1 ?
  WORD  Community or user name
  hosts:
    - host: < host IP address or name >
      vrf: < vrf_name >
      users:
        - username: < username >
          authentication_level: < auth | noauth | priv >
          version: < 1 | 2c | 3 >
    - host: < host IP address or name >
      vrf: < vrf_name >
      users:
        - username: < username >
          authentication_level: < auth | noauth | priv >
          version: < 1 | 2c | 3 >

Need to have communities referenced as well, so something like this:

  hosts:
    - host: < host IP address or name >
      vrf: < vrf_name >
      users:
        - username: < username >
          authentication_level: < auth | noauth | priv >
          version: < 3 >
     communities:
      - community: <community name >
         version < 1 | 2c  >
    - host: < host IP address or name >
      vrf: < vrf_name >
      users:
        - username: < username >
          authentication_level: < auth | noauth | priv >
          version: < 3 >
     communities:
      - community: <community name >
         version < 1 | 2c  >

And snmp_settings.j2 to something like:

{%         for host in snmp_server.hosts %}
{%             if host.users is arista.avd.defined %}
{%                 for user in host.users %}
{%                     if host.host is arista.avd.defined %}
{%                         set host_cli = "snmp-server host " ~ host.host %}
{%                     endif %}
{%                     if host.vrf is arista.avd.defined %}
{%                         set host_cli = host_cli ~ " vrf " ~ host.vrf %}
{%                     endif %}
{%                     if user.version is arista.avd.defined %}
{%                         set host_cli = host_cli ~ " version " ~ user.version %}
{%                         if user.version == 3 %}
{%                             set host_cli = host_cli ~ " " ~ user.authentication_level ~ " " ~ user.username %}
{%                         endif %}
{%                     endif %}
{%                 for community in host.communities %}
{%                     if host.host is arista.avd.defined %}
{%                         set host_cli = "snmp-server host " ~ host.host %}
{%                     endif %}
{%                     if host.vrf is arista.avd.defined %}
{%                         set host_cli = host_cli ~ " vrf " ~ host.vrf %}
{%                     endif %}
{%                     if community.version is arista.avd.defined %}
{%                         set host_cli = host_cli ~ " version " ~ user.version %}
{%                         if user.version == 1 or 2c %}
{%                             set host_cli = host_cli ~ " " ~ community.community  %}
{%                         endif %}
{%                     endif %}
{{ host_cli }}
ClausHolbechArista commented 3 years ago

Correct, the current data model and template does not support v1 and v2c for hosts. The current version key is placed under users which is not applicable for v1 and v2c. I think we should move the version field to the host-level so implement something like this:

snmp_server:
  hosts:
    - host: < host IP address or name >
      version: < 1 | 2c | 3 >
      vrf: < vrf_name >
      users:
        - username: < username >
          authentication_level: < auth | noauth | priv >
      communities: 
        - < community >

If someone would like to have the same host with multiple versions, they can just make multiple entries in the hosts list. So I suggest that we rename this issue to a feature request to support snmp v1 & v2c for snmp_server.hosts.

burnyd commented 3 years ago

@ClausHolbechArista So the suggestion is going to be put in a feature branch for this or follow the dev branch and file a PR with the model and j2 templating change? We can do either just let us know.

rainmanatee commented 3 years ago

Thanks for the guidance thus far. Can you assign this to me?