File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/proxy/__pycache__/nxos_api.cpython-310.pyc
o
�����N�gA������������������������@���sv���d�Z�d�d�l�Z�d�d�l�Z�d�d�l�m�Z���d�g�Z�d�Z�e���e���Z i�Z
d�d���Z�d�d���Z�d d
��Z
d�d���Z�d
d���Z�d�d���Z�d�d�d���Z�d�S�)�a����
Proxy Minion to manage Cisco Nexus Switches (NX-OS) over the NX-API
.. versionadded:: 2019.2.0
Proxy module for managing Cisco Nexus switches via the NX-API.
:codeauthor: Mircea Ulinic <ping@mirceaulinic.net>
:maturity: new
:platform: any
Usage
=====
.. note::
To be able to use this module you need to enable to NX-API on your switch,
by executing ``feature nxapi`` in configuration mode.
Configuration example:
.. code-block:: bash
switch# conf t
switch(config)# feature nxapi
To check that NX-API is properly enabled, execute ``show nxapi``.
Output example:
.. code-block:: bash
switch# show nxapi
nxapi enabled
HTTPS Listen on port 443
.. note::
NX-API requires modern NXOS distributions, typically at least 7.0 depending
on the hardware. Due to reliability reasons it is recommended to run the
most recent version.
Check https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/programmability/guide/b_Cisco_Nexus_7000_Series_NX-OS_Programmability_Guide/b_Cisco_Nexus_7000_Series_NX-OS_Programmability_Guide_chapter_0101.html
for more details.
Pillar
------
The ``nxos_api`` proxy configuration requires the following parameters in order
to connect to the network switch:
transport: ``https``
Specifies the type of connection transport to use. Valid values for the
connection are ``http``, and ``https``.
host: ``localhost``
The IP address or DNS host name of the connection device.
username: ``admin``
The username to pass to the device to authenticate the NX-API connection.
password
The password to pass to the device to authenticate the NX-API connection.
port
The TCP port of the endpoint for the NX-API connection. If this keyword is
not specified, the default value is automatically determined by the
transport type (``80`` for ``http``, or ``443`` for ``https``).
timeout: ``60``
Time in seconds to wait for the device to respond. Default: 60 seconds.
verify: ``True``
Either a boolean, in which case it controls whether we verify the NX-API
TLS certificate, or a string, in which case it must be a path to a CA bundle
to use. Defaults to ``True``.
When there is no certificate configuration on the device and this option is
set as ``True`` (default), the commands will fail with the following error:
``SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)``.
In this case, you either need to configure a proper certificate on the
device (*recommended*), or bypass the checks setting this argument as ``False``
with all the security risks considered.
Check https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/programmability/6_x/b_Cisco_Nexus_3000_Series_NX-OS_Programmability_Guide/b_Cisco_Nexus_3000_Series_NX-OS_Programmability_Guide_chapter_01.html
to see how to properly configure the certificate.
All the arguments may be optional, depending on your setup.
Proxy Pillar Example
--------------------
.. code-block:: yaml
proxy:
proxytype: nxos_api
host: switch1.example.com
username: example
password: example
�����N)��
SaltExceptionZ�nxos_apic��������������������C���s����t�S�)�zV
This Proxy Module is widely available as there are no external dependencies.
)���__virtualname__��r����r�����G/opt/saltstack/salt/lib/python3.10/site-packages/salt/proxy/nxos_api.py��__virtual__����s������r����c��������������������C���s����|���d�i���}�t���|���}�|���d�d�����|���d�d���|�d�<�z�t�d���d�i�|�����}�|�t�d�<�d�t�d <�d�t�d
<�W�d�S���t�yC������t�j�d�|�d���d�d
������w�)�a����
Open the connection to the Nexsu switch over the NX-API.
As the communication is HTTP based, there is no connection to maintain,
however, in order to test the connectivity and make sure we are able to
bring up this Minion, we are executing a very simple command (``show clock``)
which doesn't come with much overhead and it's sufficient to confirm we are
indeed able to connect to the NX-API endpoint as configured.
��proxyZ proxytypeN��multiprocessingT��nxos_api.rpc�
show clock� conn_args��initialized��upz�Unable to connect to %s��host)���exc_info)�r
���) ��get��copy��deepcopy��pop� __utils__��nxos_devicer������log��error)���optsZ
proxy_dictr����Z rpc_replyr����r����r������init����s�����
�������������
�����������r����c��������������������C��������t���d�d���S�)�z'
Connection open successfully?
r
���F��r����r����r����r����r����r������ping�����������r����c��������������������C���r����)�z+
Connection finished initializing?
r����Fr����r����r����r����r����r��������r����r����c��������������������C���s����t���d�|�d�������d�S�)�z,
Closes connection with the device.
z*Shutting down the nxos_api Proxy Minion %s��idN)�r������debug)�r����r����r����r������shutdown����s������r ���c��������������������C���s����t���t�d�����}�|�S�)�z?
Returns the connection arguments of the Proxy Minion.
r����)�r����r����r����)�r����r����r����r�����
get_conn_args����s��������r!�����clic��������������������K���s*���t�d���}�|���|�����t�d���|�f�d�|�i�|�����S�)�z2
Executes an RPC request over the NX-API.
r����r �����method)�r������updater����)�Z�commandsr#�����kwargsr����r����r����r������rpc����s������
���r&���)�r"���)���__doc__r������loggingZ�salt.exceptionsr����Z�__proxyenabled__r����� getLogger��__name__r����r����r����r����r����r����r ���r!���r&���r����r����r����r������<module>����s�������e��������
�����������������