From 898d1c8d8141b5a0cfe60d2f3bc25be988d144e4 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Thu, 9 Aug 2018 13:54:22 -0700 Subject: [PATCH] added platform guides for NOS and VOSS (#43854) --- .../rst/network/user_guide/platform_index.rst | 6 ++ .../rst/network/user_guide/platform_nos.rst | 70 +++++++++++++++++++ .../rst/network/user_guide/platform_voss.rst | 70 +++++++++++++++++++ 3 files changed, 146 insertions(+) create mode 100644 docs/docsite/rst/network/user_guide/platform_nos.rst create mode 100644 docs/docsite/rst/network/user_guide/platform_voss.rst diff --git a/docs/docsite/rst/network/user_guide/platform_index.rst b/docs/docsite/rst/network/user_guide/platform_index.rst index 2bcb3f1ca93..a6f46e5270a 100644 --- a/docs/docsite/rst/network/user_guide/platform_index.rst +++ b/docs/docsite/rst/network/user_guide/platform_index.rst @@ -15,9 +15,11 @@ Some Ansible Network platforms support multiple connection types, privilege esca platform_ios platform_ironware platform_junos + platform_nos platform_nxos platform_routeros platform_slxos + platform_voss .. _settings_by_platform: @@ -43,8 +45,12 @@ Settings by Platform +-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ | Extreme IronWare | ``ironware`` | in v. >=2.5 | N/A | N/A | in v. >=2.5 | +-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ +| Extreme NOS | ``nos`` | in v. >=2.7 | N/A | N/A | N/A | ++-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ | Extreme SLX-OS | ``slxos`` | in v. >=2.6 | N/A | N/A | N/A | +-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ +| Extreme VOSS | ``voss`` | in v. >=2.7 | N/A | N/A | N/A | ++-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ | F5 BIG-IP | N/A | N/A | N/A | N/A | in v. >=2.0 | +-------------------+-------------------------+----------------------+----------------------+------------------+------------------+ | F5 BIG-IQ | N/A | N/A | N/A | N/A | in v. >=2.0 | diff --git a/docs/docsite/rst/network/user_guide/platform_nos.rst b/docs/docsite/rst/network/user_guide/platform_nos.rst new file mode 100644 index 00000000000..49c3fd9de1b --- /dev/null +++ b/docs/docsite/rst/network/user_guide/platform_nos.rst @@ -0,0 +1,70 @@ +.. _nos_platform_options: + +*************************************** +NOS Platform Options +*************************************** + +Extreme NOS Ansible modules only support CLI connections today. ``httpapi`` modules may be added in future. +This page offers details on how to use ``network_cli`` on NOS in Ansible >= 2.7. + +.. contents:: Topics + +Connections Available +================================================================================ + ++---------------------------+-----------------------------------------------+ +|.. | CLI | ++===========================+===============================================+ +| **Protocol** | SSH | ++---------------------------+-----------------------------------------------+ +| | **Credentials** | | uses SSH keys / SSH-agent if present | +| | | | accepts ``-u myuser -k`` if using password | ++---------------------------+-----------------------------------------------+ +| **Indirect Access** | via a bastion (jump host) | ++---------------------------+-----------------------------------------------+ +| | **Connection Settings** | | ``ansible_connection: network_cli`` | +| | | | | +| | | | | +| | | | | +| | | | | ++---------------------------+-----------------------------------------------+ +| | **Enable Mode** | | not supported by NOS | +| | (Privilege Escalation) | | | ++---------------------------+-----------------------------------------------+ +| **Returned Data Format** | ``stdout[0].`` | ++---------------------------+-----------------------------------------------+ + +NOS does not support ``ansible_connection: local``. You must use ``ansible_connection: network_cli``. + +Using CLI in Ansible >= 2.7 +================================================================================ + +Example CLI ``group_vars/nos.yml`` +---------------------------------- + +.. code-block:: yaml + + ansible_connection: network_cli + ansible_network_os: nos + ansible_user: myuser + ansible_ssh_pass: !vault... + ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' + + +- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_ssh_pass`` configuration. +- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. +- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. + +Example CLI Task +---------------- + +.. code-block:: yaml + + - name: Get version information (nos) + nos_command: + command: "show version" + register: show_ver + when: ansible_network_os == 'nos' + + +.. include:: shared_snippets/SSH_warning.txt diff --git a/docs/docsite/rst/network/user_guide/platform_voss.rst b/docs/docsite/rst/network/user_guide/platform_voss.rst new file mode 100644 index 00000000000..22a33c8ec25 --- /dev/null +++ b/docs/docsite/rst/network/user_guide/platform_voss.rst @@ -0,0 +1,70 @@ +.. _voss_platform_options: + +*************************************** +VOSS Platform Options +*************************************** + +Extreme VOSS Ansible modules only support CLI connections today. This page offers details on how to +use ``network_cli`` on VOSS in Ansible >= 2.7. + +.. contents:: Topics + +Connections Available +================================================================================ + ++---------------------------+-----------------------------------------------+ +|.. | CLI | ++===========================+===============================================+ +| **Protocol** | SSH | ++---------------------------+-----------------------------------------------+ +| | **Credentials** | | uses SSH keys / SSH-agent if present | +| | | | accepts ``-u myuser -k`` if using password | ++---------------------------+-----------------------------------------------+ +| **Indirect Access** | via a bastion (jump host) | ++---------------------------+-----------------------------------------------+ +| | **Connection Settings** | | ``ansible_connection: network_cli`` | +| | | | | +| | | | | +| | | | | +| | | | | ++---------------------------+-----------------------------------------------+ +| | **Enable Mode** | | supported - use ``ansible_become: yes`` | +| | (Privilege Escalation) | | with ``ansible_become_method: enable`` | ++---------------------------+-----------------------------------------------+ +| **Returned Data Format** | ``stdout[0].`` | ++---------------------------+-----------------------------------------------+ + +VOSS does not support ``ansible_connection: local``. You must use ``ansible_connection: network_cli``. + +Using CLI in Ansible >= 2.7 +================================================================================ + +Example CLI ``group_vars/voss.yml`` +----------------------------------- + +.. code-block:: yaml + + ansible_connection: network_cli + ansible_network_os: voss + ansible_user: myuser + ansible_become: yes + ansible_become_method: enable + ansible_ssh_pass: !vault... + ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' + + +- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_ssh_pass`` configuration. +- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. +- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. + +Example CLI Task +---------------- + +.. code-block:: yaml + + - name: Retrieve VOSS info + voss_command: + commands: show sys-info + when: ansible_network_os == 'voss' + +.. include:: shared_snippets/SSH_warning.txt