Open gabewinch opened 2 months ago
miaow2
commented
2 months ago Hi @gabewinch, thanks for opening the issue.
Configuration Request does not use command from Platform Setting, it always collects full config, because it is needed for the correct configuration management process that is handled by scrapli-cfg.
Do you have in custom scripts ConfigDiffScript script under Customization > Scripts?
This script uses PlatformSetting for rendering diff
gabewinch
commented
2 months ago Hello @miaow2,
Thank you for your response. I apologize if I'm not using the plugin correctly... I do have the ConfigDiffScript. Is there a way to modify this to create a gathered config that I can more easily maintain?
miaow2
commented
2 months ago Is there a way to modify this to create a gathered config that I can more easily maintain?
I am sorry, but I don't understand your question clearly. Do you want to know only how to find diff (between rendered config in NetBox and device configuration) or push rendered configuration from NetBox to devices?
gabewinch
commented
2 months ago Let me try to explain my use case a bit better -
I'm okay with how NetBox renders the config template for diffing against the gathered (actual) configuration, no problems with that. What I want to do is filter out lines/sections of config from the device's gathered (actual) configuration. This is so that I don't have to structure the configuration template in NetBox to include any device-unique configuration, such as crypto keys, secrets serial numbers, interfaces, etc.
I'm trying to create a structure where I can have a large list of similar devices that should have the same "base" configuration, and I can have this plugin mark devices as compliant by only matching this base configuration, and not the entire output of show running-config.
Please let me know if that makes sense, happy to explain further and show my setup.
miaow2
commented
2 months ago You started in the right way with creating Platform Setting, your next steps:
Exclude regex field list of regex patterns that match config lines you want to excludeConfigDiffScript on your devices (devices should be with assigned Primary IP, Platform)Config Compliances for diffsFeel free to ask any questions, I will help you
gabewinch
commented
2 months ago So, here is where I begin to have some issues:
It seems whatever I put in the Exclude Regex field, the config in the Diffs section of the Configuration Request is not modified. I have tried many different combinations, including partial matches with regex wildcards (.*).
In this example, I have tried filtering the following string (config line):
vrf definition Mgmt-vrf
WIth the following regular expression (though simple, checked this against regex101):
vrf.definition.*
As you can see below, the line is not filtered from the actual config:
Is there something here that I should be doing differently? Thanks!
miaow2
commented
2 months ago please, don't use Configuration Request till you want to configure devices
just run ConfigDiffScript and check Config Compliances as I said
ConfigDiffScript uses Exclude Regex field
gabewinch
commented
2 months ago Okay - I was using the Collect Diffs button to get the actual configs from the devices after modifying the platform setting. Here is what I have under Scripts (not clickable):
And this (under the Edit button):
I tried to add the script manually here, but ran into a permissions issue saving the script into the scripts directory, according to the page. I checked the directory manually via CLI as well, and the script already seems to exist there. Maybe I have done something wrong in my install?
miaow2
commented
1 month ago Yes, you have some problems with plugin installation, but I have fix for that, you should go to nbshell
find config_diff ScriptModule
>>> ScriptModule.objects.all()
<RestrictedQuerySet [<ScriptModule: config_diff>]>so I have only one object, so get this object by
>>> module = ScriptModule.objects.all()[0]and then create Script object
>>> Script.objects.create(module=module, name="ConfigDiffScript")after that script will appear in scripts list Customization > Scripts
now you can run script on your devices and get diff
I hope that will help you
gabewinch
commented
1 month ago Hi @miaow2,
Thanks so much for the explainer. The script and regex line filters are now working for me.
Is there any chance in the future there will be functionality to get the output of specific commands from a device, such as "show run | section router" or others? This would be really helpful in my scenario.
Thanks again,
miaow2
commented
1 month ago Is there any chance in the future there will be functionality to get the output of specific commands from a device, such as "show run | section router" or others
Do you want to find a diff only for the router configuration section?
NetBox version What version of NetBox are you currently running? v4.0.7
Describe the bug The config-diff plugin is only sending show version | i Version and show running-config to cisco_iosxe platform config devices.
When specifying the command, or optional exclude regex in the platform config of the plugin itself, the username only goes to the device and runs the following:
To Reproduce Steps to reproduce the behavior:
Go to Config Diff Plugin > Compliance > Platform Settings
Include the device platform that is being used, and configure, like so
Create Configuration Request and collect diffs
Notice that Config Compliance only shows the output of "show running-config", regardless of the input on the command of the platform setting
Expected behavior The expectation is to collect configuration of the device based on the command input in the platform setting and exclude regex for that platform setting.
Screenshots