search

nornir-automation / nornir_napalm

NAPALM's plugins for nornir
Apache License 2.0
63 stars 20 forks source link

Connecting through a Jump Server (optional_args) #13

Closed SeglaSamaty closed 3 years ago

SeglaSamaty commented 3 years ago

Hi everyone, I'm trying to connect to my ios net devices using Nornir_napalm plugin, Nornir and napalm with linux jump server in the middle. I know that I need the "optional_args" dict to be passed to Napalm so as to set the ssh config for the underlying Netmiko lib.

Since I'm not using Napalm directly, how do I pass the "optional_args" to the Napalm via the plugin nornir_napalm ?

ktbyers commented 3 years ago 
device1:
  hostname: 192.168.1.1
  username: cisco
  password: cisco
  platform: ios
  connection_options:
    napalm:
       extras:
         optional_args:
           argument1: value1
ktbyers commented 3 years ago

Let me know if that was not what you were looking for? But yes, just pass the SSH config file argument in via optional_args using the above structure.

Regards, Kirk

SeglaSamaty commented 3 years ago

Hi @ktbyers and thx for your reply, I added the connection option to my host file but I'm still failing to connect my router.

%host file

device01:    connection_options:     napalm:       extras:         optional_args:           ssh_config_file: ~/.ssh/config   hostname: 10.10.10.10   password: mypwd   platform: ios   port: 22   username: username

%my ssh config file (~/.ssh/config)

host jumpserver   IdentityFile ~/.ssh/id_rsa   IdentitiesOnly yes   user username   hostname 10.100.100.100

host * !jumpserver   ProxyCommand ssh arthur nc %h %p

%nornir.log

2021-04-27 09:03:40,065 - nornir.core - INFO - run() - Running task 'napalm_cli' with args {'commands': ['[tool.poetry]', '# ...', 'packages = [', ' { include = "../conn_cisco" },', ']'], 'optional_args': {'ssh_config_file': '~/.ssh/config'}} on 1 hosts 2021-04-27 09:03:40,066 - nornir.core.task - ERROR - start() - Host 'device01': task 'napalm_cli' failed with traceback: Traceback (most recent call last): File "/home/abcd/.cache/pypoetry/virtualenvs/conn-cisco-oRCRU1FG-py3.8/lib/python3.8/site-packages/nornir/core/task.py", line 99, in start r = self.task(self, **self.params) TypeError: napalm_cli() got an unexpected keyword argument 'optional_args'

Why am I having the optional_args unrecognized in the log?

Best regards.

SeglaSamaty commented 3 years ago

Hi @ktbyers I managed to make the conf above work. I just reinstalled everything with poetry. But I still don’t know what was the issue.

Best Regards, Segla.

getinet3table commented 10 months ago

For everyone trying this proxy-ssh over nornir/netmiko/napalm here's what you need to do:

  1. Generate ssh-key and use ssh-copy-id in order to have passwordless ssh login. https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-20-04
  2. Create the .ssh/config file: alin@alin-virtual-machine:~/.ssh$ cat config Host jumpserver PubkeyAcceptedKeyTypes=+ssh-rsa IdentityFile ~/.ssh/id_rsa IdentitiesOnly yes StrictHostKeyChecking=no User HostName <IP/DNS> HostKeyAlgorithms =+ssh-rsa

Host * ! jumpserver ProxyJump jumpserver User StrictHostKeyChecking=no HostKeyAlgorithms=+ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa

  1. Tel nornir/netmiko to use the ssh config file: This is the groups yaml file: cisco_ios: platform: ios connection_options: netmiko: platform: cisco_xe extras: global_delay_factor: 30 banner_timeout: 30 fast_cli: False conn_timeout: 30 ssh_config_file: '/home/alin/.ssh/config'

NOTE: I managed to get this working on linux only, for windows the proxyjump simply does not work.

Hope this helps!