cisco_node_utils 1.2.0 → 1.3.0

data/lib/cisco_node_utils/syslog_server.rb

@@ -23,6 +23,16 @@ module Cisco
   class SyslogServer < NodeUtil
     attr_reader :name, :level, :vrf
 
+    LEVEL_TO_NUM = { 'emergencies'   => 0,
+                     'alerts'        => 1,
+                     'critical'      => 2,
+                     'error'         => 3,
+                     'warning'       => 4,
+                     'notifications' => 5,
+                     'info'          => 6,
+                     'debugging'     => 7 }.freeze
+    NUM_TO_LEVEL = LEVEL_TO_NUM.invert.freeze
+
     def initialize(name,
                    level=nil,
                    vrf=nil,
@@ -42,14 +52,24 @@ module Cisco
 
     def self.syslogservers
       hash = {}
-
       syslogservers_list = config_get('syslog_server', 'server')
       return hash if syslogservers_list.nil?
 
       syslogservers_list.each do |id|
+        # The YAML regex isn't specific enough for some platforms,
+        # so we have to do further checking.
+        begin
+          IPAddr.new(id)
+        rescue
+          next
+        end
+
         level = config_get('syslog_server', 'level', id)
+        level = level[0] if level.is_a?(Array)
+        level = LEVEL_TO_NUM[level] if platform == :ios_xr
 
         vrf = config_get('syslog_server', 'vrf', id)
+        vrf = vrf[0] if vrf.is_a?(Array)
 
         hash[id] = SyslogServer.new(id, level, vrf, false)
       end
@@ -62,25 +82,64 @@ module Cisco
     end
 
     def create
-      # Set timestamp units
-      config_set('syslog_server',
-                 'server',
-                 state: '',
-                 ip:    "#{name}",
-                 level: level.nil? ? '' : "#{level}",
-                 vrf:   vrf.nil? ? '' : "use-vrf #{vrf}",
-                )
+      if platform == :ios_xr
+
+        # This provider only support a 1-1 mapping between host and VRF.
+        # Thus, we must remove the other entries on different VRFs.
+        all_vrfs = config_get('syslog_server', 'vrf', name)
+        destroy(all_vrfs) if all_vrfs.is_a?(Array) && all_vrfs.count > 1
+
+        config_set('syslog_server',
+                   'server',
+                   state: '',
+                   ip:    "#{name}",
+                   level: level.nil? ? '' : "severity #{NUM_TO_LEVEL[level]}",
+                   vrf:   vrf.nil? ? '' : "vrf #{vrf}",
+                  )
+      else
+        config_set('syslog_server',
+                   'server',
+                   state: '',
+                   ip:    "#{name}",
+                   level: level.nil? ? '' : "#{level}",
+                   vrf:   vrf.nil? ? '' : "use-vrf #{vrf}",
+                  )
+      end
     end
 
-    def destroy
-      # Set timestamp units
-      config_set('syslog_server',
-                 'server',
-                 state: 'no',
-                 ip:    "#{name}",
-                 level: '',
-                 vrf:   '',
-                )
+    def destroy(duplicate_vrfs=[])
+      if platform == :ios_xr
+        if duplicate_vrfs.empty?
+          config_set('syslog_server',
+                     'server',
+                     state: 'no',
+                     ip:    "#{name}",
+                     level: '',
+                     vrf:   vrf.nil? ? '' : "vrf #{vrf}",
+                    )
+        else
+          warn("#{name} is configured multiple times on the device" \
+            ' (possibly in different VRFs). This is unsupported by this' \
+            ' API and the duplicate entries are being deleted.')
+          duplicate_vrfs.each do |dup|
+            config_set('syslog_server',
+                       'server',
+                       state: 'no',
+                       ip:    "#{name}",
+                       level: '',
+                       vrf:   "vrf #{dup}",
+                      )
+          end
+        end
+      else
+        config_set('syslog_server',
+                   'server',
+                   state: 'no',
+                   ip:    "#{name}",
+                   level: '',
+                   vrf:   '',
+                  )
+      end
     end
   end # class
 end # module

data/lib/cisco_node_utils/syslog_settings.rb

@@ -49,7 +49,7 @@ module Cisco
     def timestamp=(val)
       fail TypeError unless val.is_a?(String)
       fail TypeError \
-        unless %w(seconds milliseconds).include?(timestamp)
+        unless %w(seconds milliseconds).include?(val)
 
       # There is no unset version as timestamp has a default value
       config_set('syslog_settings',

data/lib/cisco_node_utils/tacacs_server_group.rb

@@ -31,7 +31,7 @@ module Cisco
 
       return unless create
 
-      TacacsServer.new.enable unless TacacsServer.enabled
+      TacacsServer.new.enable if platform != :ios_xr && !TacacsServer.enabled
       config_set('tacacs_server_group', 'group', state: '', name: name)
     end
 
@@ -81,8 +81,12 @@ module Cisco
 
     def self.groups
       grps = {}
-      tacgroups = config_get('tacacs_server_group', 'group') if
-        TacacsServer.enabled
+      if platform == :ios_xr
+        tacgroups = config_get('tacacs_server_group', 'group')
+      else
+        tacgroups = config_get('tacacs_server_group', 'group') if
+          TacacsServer.enabled
+      end
       unless tacgroups.nil?
         tacgroups.each { |s| grps[s] = TacacsServerGroup.new(s, false) }
       end
@@ -125,7 +129,7 @@ module Cisco
 
     def source_interface
       i = config_get('tacacs_server_group', 'source_interface', @name)
-      i.nil? ? default_source_interface : i
+      i.nil? ? default_source_interface : i.downcase
     end
 
     def source_interface=(s)

data/lib/cisco_node_utils/tacacs_server_host.rb

@@ -23,41 +23,104 @@ module Cisco
     attr_reader :name
     @hosts = {}
 
-    def initialize(name, create=true)
+    def initialize(name, instantiate=true, host_port=nil)
       fail TypeError unless name.is_a? String
       fail ArgumentError if name.empty?
       @name = name
-      return unless create
-      # 'feature tacacs+' must be enabled to create a host
-      TacacsServer.new.enable unless TacacsServer.enabled
-      config_set('tacacs_server_host', 'host', '', name)
+
+      if platform == :ios_xr
+        if host_port.nil?
+          @port = config_get_default('tacacs_server_host', 'port')
+        else
+          fail ArgumentError, 'host_port must be an Integer' \
+            unless host_port.is_a?(Integer)
+          @port = host_port
+        end
+      end
+
+      create if instantiate
+
+      return if platform == :ios_xr
+
+      return if host_port.nil?
+      fail ArgumentError, 'host_port must be an Integer' \
+        unless host_port.is_a?(Integer)
+      self.port = host_port
     end
 
     def self.hosts
-      @hosts = {}
+      hosts = {}
+      return hosts unless Feature.tacacs_enabled?
 
-      return @hosts unless TacacsServer.enabled
+      hosts_list = config_get('tacacs_server_host', 'hosts')
+      return hosts if hosts_list.nil? || hosts_list.empty?
 
-      hosts = config_get('tacacs_server_host', 'hosts')
-      unless hosts.nil?
-        hosts = [hosts] if hosts.is_a?(Hash)
-        hosts.each do |name|
-          @hosts[name] = TacacsServerHost.new(name, false) if @hosts[name].nil?
+      hosts_list.each do |name|
+        if platform == :ios_xr
+          host_port = config_get('tacacs_server_host', 'port', ip: name)
+          host_port = host_port[0] if host_port.is_a?(Array)
+          host_port = host_port.to_i
+
+          hosts[name] = TacacsServerHost.new(name, false, host_port)
+        else
+          hosts[name] = TacacsServerHost.new(name, false) if @hosts[name].nil?
         end
       end
-      @hosts
+      hosts
+    end
+
+    def create
+      destroy if platform == :ios_xr
+      Feature.tacacs_enable
+      config_set('tacacs_server_host',
+                 'host',
+                 state: '',
+                 ip:    name,
+                 port:  @port)
     end
 
     def destroy
-      config_set('tacacs_server_host', 'host', 'no', @name)
+      if platform == :ios_xr
+        # This provider only support a 1-1 mapping between host and ports.
+        # Thus, we must remove the other entries on different ports.
+        all_hosts = config_get('tacacs_server_host',
+                               'host_port_pairs',
+                               ip: @name)
+        return unless all_hosts.is_a?(Array)
+
+        warn("#{name} is configured multiple times on the device" \
+            ' (possibly using different ports). This is unsupported by this' \
+            ' API and the duplicate entries are being deleted.') \
+          if all_hosts.count > 1
+
+        all_hosts.each do |host_port|
+          config_set('tacacs_server_host',
+                     'host',
+                     state: 'no',
+                     ip:    @name,
+                     port:  host_port)
+        end
+      else
+        config_set('tacacs_server_host',
+                   'host',
+                   state: 'no',
+                   ip:    @name,
+                   port:  @port)
+      end
     end
 
     def port
-      config_get('tacacs_server_host', 'port', @name)
+      platform == :ios_xr ? @port : config_get('tacacs_server_host',
+                                               'port',
+                                               ip: @name)
     end
 
     def port=(n)
-      config_set('tacacs_server_host', 'port', @name, n.to_i)
+      fail("'port' setter method not applicable for this platform." \
+        'port must be passed in to the constructor.') \
+          if platform == :ios_xr
+
+      config_set('tacacs_server_host', 'port', ip: @name, port: n.to_i)
     end
 
     def self.default_port
@@ -65,7 +128,10 @@ module Cisco
     end
 
     def encryption_type
-      type = config_get('tacacs_server_host', 'encryption_type', @name)
+      type = config_get('tacacs_server_host',
+                        'encryption_type',
+                        ip:   @name,
+                        port: @port)
       type.nil? ? TACACS_SERVER_ENC_UNKNOWN : type.to_i
     end
 
@@ -74,7 +140,10 @@ module Cisco
     end
 
     def encryption_password
-      config_get('tacacs_server_host', 'encryption_password', @name)
+      config_get('tacacs_server_host',
+                 'encryption_password',
+                 ip:   @name,
+                 port: @port)
     end
 
     def self.default_encryption_password
@@ -93,29 +162,50 @@ module Cisco
         # to unset the key value. Otherwise, the box is not configured with key,
         # thus we don't need to do anything
         if encryption_type != TACACS_SERVER_ENC_UNKNOWN
-          config_set('tacacs_server_host', 'encryption', 'no', @name,
-                     encryption_type,
-                     encryption_password)
+          config_set('tacacs_server_host',
+                     'encryption',
+                     state:    'no',
+                     ip:       @name,
+                     port:     @port,
+                     enc_type: encryption_type,
+                     password: encryption_password)
         end
       else
-        config_set('tacacs_server_host', 'encryption',
-                   '', @name, enctype, password)
+        config_set('tacacs_server_host',
+                   'encryption',
+                   state:    '',
+                   ip:       @name,
+                   port:     @port,
+                   enc_type: enctype,
+                   password: password)
       end
     end
 
     def timeout
-      config_get('tacacs_server_host', 'timeout', @name)
+      config_get('tacacs_server_host',
+                 'timeout',
+                 ip:   @name,
+                 port: @port)
     end
 
     def timeout=(t)
       fail TypeError unless t.is_a? Fixnum
       return if t == timeout
 
-      config_set('tacacs_server_host', 'timeout', '', @name, t)
+      config_set('tacacs_server_host',
+                 'timeout',
+                 state:   '',
+                 ip:      @name,
+                 port:    @port,
+                 timeout: t)
     end
 
     def self.default_timeout
       config_get_default('tacacs_server_host', 'timeout')
     end
+
+    def ==(other)
+      name == other.name
+    end
   end
 end

data/lib/cisco_node_utils/vdc.rb

@@ -84,5 +84,17 @@ module Cisco
     def default_limit_resource_module_type
       config_get_default('vdc', 'limit_resource_module_type')
     end
+
+    def interface_membership
+      config_get('vdc', 'membership', vdc: @vdc)
+    end
+
+    def interface_membership=(intf)
+      config_set('vdc', 'membership', vdc: @vdc, intf: intf)
+    end
+
+    def default_interface_membership
+      config_get_default('vdc', 'membership')
+    end
   end  # Class
 end    # Module

data/lib/cisco_node_utils/version.rb

@@ -14,7 +14,7 @@
 
 # Container module for version number only.
 module CiscoNodeUtils
-  VERSION = '1.2.0'
+  VERSION = '1.3.0'
   gem_version = Gem::Version.new(Gem::VERSION)
   min_gem_version = Gem::Version.new('2.1.0')
   fail 'Required rubygems version >= 2.1.0' if gem_version < min_gem_version

data/lib/cisco_node_utils/vlan.rb

@@ -14,9 +14,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require_relative 'cisco_cmn_utils'
 require_relative 'node_util'
 require_relative 'interface'
 require_relative 'fabricpath_global'
+require_relative 'feature'
 
 # Add some Vlan-specific constants to the Cisco namespace
 module Cisco
@@ -24,7 +26,7 @@ module Cisco
 
   # Vlan - node utility class for VLAN configuration management
   class Vlan < NodeUtil
-    attr_reader :name, :vlan_id
+    attr_reader :vlan_id
 
     def initialize(vlan_id, instantiate=true)
       @vlan_id = vlan_id.to_s
@@ -34,6 +36,10 @@ module Cisco
       create if instantiate
     end
 
+    def to_s
+      "VLAN #{vlan_id}"
+    end
+
     def self.vlans
       hash = {}
       vlan_list = config_get('vlan', 'all_vlans')
@@ -53,19 +59,49 @@ module Cisco
       config_set('vlan', 'destroy', @vlan_id)
     end
 
-    def cli_error_check(result)
+    def cli_error_check(result, ignore_message=nil)
       # The NXOS vlan cli does not raise an exception in some conditions and
       # instead just displays a STDOUT error message; thus NXAPI does not detect
       # the failure and we must catch it by inspecting the "body" hash entry
       # returned by NXAPI. This vlan cli behavior is unlikely to change.
-      fail result[2]['body'] if
-        result[2].is_a?(Hash) &&
-        /(ERROR:|Warning:)/.match(result[2]['body'].to_s)
+      # Check for messages that can be safely ignored.
+
+      errors = /(ERROR:|VLAN:|Warning:)/
+
+      return unless
+        result[2].is_a?(Hash) && errors.match(result[2]['body'].to_s)
+      # Split errors into a list, but keep the delimiter as part of the message.
+      error_list =
+        (result[2]['body'].split(errors) - ['']).each_slice(2).map(&:join)
+      error_list.each do |msg|
+        next if ignore_message && msg.to_s.include?(ignore_message)
+        fail result[2]['body']
+      end
+    end
+
+    def set_args_keys_default
+      keys = { vlan: @vlan_id }
+      @set_args = keys
+    end
+
+    def set_args_keys(hash={}) # rubocop:disable Style/AccessorMethodName
+      set_args_keys_default
+      @set_args = @set_args.merge!(hash) unless hash.empty?
+    end
+
+    def fabric_control
+      config_get('vlan', 'fabric_control', vlan: @vlan_id)
+    end
 
-      # Some test environments get result[2] as a string instead of a hash
-      fail result[2] if
-        result[2].is_a?(String) &&
-        /(ERROR:|Warning:)/.match(result[2])
+    def fabric_control=(val)
+      no_cmd = (val) ? '' : 'no'
+      result = config_set('vlan', 'fabric_control', vlan:  @vlan_id,
+                                                    state: no_cmd)
+      cli_error_check(result)
+    end
+
+    def default_fabric_control
+      config_get_default('vlan', 'fabric_control')
     end
 
     def fabricpath_feature
@@ -79,28 +115,24 @@ module Cisco
     def mode
       result = config_get('vlan', 'mode', @vlan_id)
       return default_mode if result.nil?
-      case result
-      when /fabricpath/i
-        return 'fabricpath'
-      when /ce/i
-        return 'ce'
-      end
+      # Note: The yaml definition for this property
+      # uses 'multiple' as a workaround for a bug
+      # in the N7k nxapi code which displays
+      # the 'show vlan' output twice.
+      result[0].downcase! if result[0][/FABRICPATH/]
+      result[0]
     end
 
     def mode=(str)
-      str = str.to_s
-      if str.empty?
-        result = config_set('vlan', 'mode', @vlan_id, 'no', '')
+      if str == default_mode
+        config_set('vlan', 'mode', @vlan_id, 'no', '')
       else
         if 'fabricpath' == str
           fabricpath_feature_set(:enabled) unless
             :enabled == fabricpath_feature
         end
-        result = config_set('vlan', 'mode', @vlan_id, '', str)
+        config_set('vlan', 'mode', @vlan_id, '', str)
       end
-      cli_error_check(result)
-    rescue CliError => e
-      raise "[vlan #{@vlan_id}] '#{e.command}' : #{e.clierror}"
     end
 
     def default_mode
@@ -120,8 +152,6 @@ module Cisco
         result = config_set('vlan', 'name', @vlan_id, '', str)
       end
       cli_error_check(result)
-    rescue CliError => e
-      raise "[vlan #{@vlan_id}] '#{e.command}' : #{e.clierror}"
     end
 
     def default_vlan_name
@@ -146,8 +176,6 @@ module Cisco
         result = config_set('vlan', 'state', @vlan_id, '', str)
       end
       cli_error_check(result)
-    rescue CliError => e
-      raise "[vlan #{@vlan_id}] '#{e.command}' : #{e.clierror}"
     end
 
     def default_state
@@ -164,8 +192,6 @@ module Cisco
       no_cmd = (val) ? '' : 'no'
       result = config_set('vlan', 'shutdown', @vlan_id, no_cmd)
       cli_error_check(result)
-    rescue CliError => e
-      raise "[vlan #{@vlan_id}] '#{e.command}' : #{e.clierror}"
     end
 
     def default_shutdown
@@ -185,7 +211,7 @@ module Cisco
       interfaces = {}
       all_interfaces.each do |name, i|
         next unless i.switchport_mode == :access
-        next unless i.access_vlan == @vlan_id
+        next unless i.access_vlan.to_i == @vlan_id.to_i
         interfaces[name] = i
       end
       interfaces
@@ -209,5 +235,97 @@ module Cisco
     def default_mapped_vni
       config_get_default('vlan', 'mapped_vni')
     end
+
+    def private_vlan_type
+      return nil unless Feature.private_vlan_enabled?
+      config_get('vlan', 'private_vlan_type', id: @vlan_id)
+    end
+
+    def private_vlan_type=(type)
+      Feature.private_vlan_enable
+      fail TypeError unless type && type.is_a?(String)
+
+      if type == default_private_vlan_type
+        return if private_vlan_type.empty?
+        set_args_keys(state: 'no', type: private_vlan_type)
+        ignore_msg = 'Warning: Private-VLAN CLI removed'
+      else
+        set_args_keys(state: '', type: type)
+        ignore_msg = 'Warning: Private-VLAN CLI entered'
+      end
+      result = config_set('vlan', 'private_vlan_type', @set_args)
+      cli_error_check(result, ignore_msg)
+    end
+
+    def default_private_vlan_type
+      config_get_default('vlan', 'private_vlan_type')
+    end
+
+    def private_vlan_association
+      return nil unless Feature.private_vlan_enabled?
+      config_get('vlan', 'private_vlan_association', id: @vlan_id)
+    end
+
+    def private_vlan_association=(vlan_list)
+      Feature.private_vlan_enable
+      vlan_list_delta(private_vlan_association, vlan_list)
+    end
+
+    def default_private_vlan_association
+      config_get_default('vlan', 'private_vlan_association')
+    end
+
+    # --------------------------
+    # vlan_list_delta is a helper function for the private_vlan_association
+    # property. It walks the delta hash and adds/removes each target private
+    # vlan.
+    # This api is used by private vlan to prepare the input to the setter
+    # method. The input can be in the following formats for vlans:
+    # 10-12,14. Prepare_array api is transforming this input into a flat array.
+    # In the example above the returned array will be 10, 11, 12, 14. Prepare
+    # array is first splitting the input on ',' and the than expanding the vlan
+    # range element like 10-12 into a flat array. The final result will
+    # be a  flat array.
+    # This way we can later used the lib utility to check the delta from
+    # the input vlan value and the vlan configured to apply the right config.
+
+    def vlan_list_delta(is_list, should_list)
+      new_list = []
+      should_list.each do |item|
+        if item.include?(',')
+          new_list.push(item.split(','))
+        else
+          new_list.push(item)
+        end
+      end
+      new_list.flatten!
+      new_list.sort!
+
+      new_list.each { |item| item.gsub!('-', '..') }
+
+      should_list_new = []
+      new_list.each do |elem|
+        if elem.include?('..')
+          elema = elem.split('..').map { |d| Integer(d) }
+          elema.sort!
+          tr = elema[0]..elema[1]
+          tr.to_a.each do |item|
+            should_list_new.push(item.to_s)
+          end
+        else
+          should_list_new.push(elem)
+        end
+      end
+
+      delta_hash = Utils.delta_add_remove(should_list_new, is_list)
+      [:add, :remove].each do |action|
+        delta_hash[action].each do |vlans|
+          state = (action == :add) ? '' : 'no'
+          set_args_keys(state: state, vlans: vlans)
+          result = config_set('vlan', 'private_vlan_association', @set_args)
+          cli_error_check(result)
+        end
+      end
+    end
   end # class
 end # module