An efficient tool to execute configuration backups, network state snapshots, system readiness checks, and operating system upgrades of Palo Alto Networks firewalls and Panorama appliances.
Is your feature request related to a problem? Please describe.
When upgrading PAN-OS on modular devices like the PA-7500, PA-7000, and PA-5450 firewalls using the pan-os-upgrade utility, it is important to capture and record the inventory information of these devices before and after the upgrade process. The inventory information includes details about the hardware components, such as line cards, management cards, fan trays, and power supplies. Capturing this inventory helps in tracking any changes or updates to the hardware configuration during the upgrade and ensures that the device is functioning as expected after the upgrade. Currently, the utility does not have a built-in mechanism to capture and store the inventory information for these modular devices.
Describe the solution you'd like
Enhance the pan-os-upgrade utility to include the ability to capture and record the inventory information for modular devices (PA-7500, PA-7000, PA-5450) before and after the upgrade process. The utility should:
Identify the device model and determine if it is a modular device (PA-7500, PA-7000, or PA-5450).
Use the PAN-OS SDK to execute the equivalent of the show system inventory command on the firewall to retrieve the inventory information.
Parse the inventory information returned by the SDK and extract relevant details, such as:
Line card types and slot numbers
Management card types and slot numbers
Fan tray types and status
Power supply types and status
Any other pertinent hardware component details
Store the captured inventory information in a structured format (e.g., JSON or XML) along with metadata such as the device model, serial number, and timestamp.
Proceed with the normal upgrade process.
After the upgrade is completed and the firewall is back online, re-capture the inventory information using the same SDK command.
Compare the pre-upgrade and post-upgrade inventory information to identify any changes or discrepancies in the hardware configuration.
Generate a report or display the comparison results to the user, highlighting any differences or potential issues.
Provide an option to export or store the inventory information for future reference or auditing purposes.
Describe alternatives you've considered
An alternative approach could be to manually document the inventory information before and after the upgrade process. However, this would be time-consuming, error-prone, and may not provide a consistent and automated way to track inventory changes across multiple devices.
Additional context
Here are a few additional points to consider:
Ensure that the utility handles the SDK authentication and communication securely, using appropriate authentication mechanisms and encryption.
Implement error handling and retry mechanisms to handle scenarios where the inventory information retrieval may fail due to network issues, API errors, or unsupported device models.
Provide options to customize the inventory information capture, such as including additional hardware details or filtering specific components.
Consider integrating with asset management systems or CMDBs to automatically update the inventory information captured by the utility.
Provide clear documentation and examples on how to use the inventory capture feature, including any prerequisites or configuration steps specific to modular devices.
Update the project's documentation to include information about this new feature, explaining its benefits and how it can assist in tracking and verifying the hardware configuration during the upgrade process.
By implementing this feature, the pan-os-upgrade utility will provide a comprehensive solution for capturing and comparing the inventory information of modular devices before and after the upgrade process. This will help in ensuring the integrity and consistency of the hardware configuration, identifying any potential issues, and maintaining accurate records of the device inventory throughout the upgrade lifecycle.
Is your feature request related to a problem? Please describe. When upgrading PAN-OS on modular devices like the PA-7500, PA-7000, and PA-5450 firewalls using the
pan-os-upgradeutility, it is important to capture and record the inventory information of these devices before and after the upgrade process. The inventory information includes details about the hardware components, such as line cards, management cards, fan trays, and power supplies. Capturing this inventory helps in tracking any changes or updates to the hardware configuration during the upgrade and ensures that the device is functioning as expected after the upgrade. Currently, the utility does not have a built-in mechanism to capture and store the inventory information for these modular devices.Describe the solution you'd like Enhance the
pan-os-upgradeutility to include the ability to capture and record the inventory information for modular devices (PA-7500, PA-7000, PA-5450) before and after the upgrade process. The utility should:show system inventorycommand on the firewall to retrieve the inventory information.Describe alternatives you've considered An alternative approach could be to manually document the inventory information before and after the upgrade process. However, this would be time-consuming, error-prone, and may not provide a consistent and automated way to track inventory changes across multiple devices.
Additional context Here are a few additional points to consider:
By implementing this feature, the
pan-os-upgradeutility will provide a comprehensive solution for capturing and comparing the inventory information of modular devices before and after the upgrade process. This will help in ensuring the integrity and consistency of the hardware configuration, identifying any potential issues, and maintaining accurate records of the device inventory throughout the upgrade lifecycle.