#!/usr/bin/env python3
from configparser import ConfigParser
import socket
from re2oapi import Re2oAPIClient
from jinja2 import Environment , FileSystemLoader
import requests
import base64
import json
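# Load the Re2o API settings. config.ini holds the API password in clear
# text, so it should stay out of version control and be readable only by
# the account that runs this script.
config = ConfigParser()
if not config.read('config.ini'):
    # ConfigParser.read() silently skips files it cannot open; stop here
    # with a clear message instead of failing later with NoSectionError.
    raise SystemExit("config.ini not found or unreadable")

api_hostname = config.get('Re2o', 'hostname')
api_password = config.get('Re2o', 'password')
api_username = config.get('Re2o', 'username')
api_client = Re2oAPIClient(api_hostname, api_username, api_password)

# Short host name of the machine running the script (first dot-separated
# label of the local host name).
client_hostname = socket.gethostname().split('.', 1)[0]

print("get switchs conf")
all_switchs = api_client.list("switchs/ports-config/")

# Jinja environment; templates are looked up relative to the current
# working directory.
ENV = Environment(loader=FileSystemLoader('.'))
# The final configuration is produced by rendering a template with a
# dictionary of values that the template refers to; this is done for each
# switch in Switch.gen_conf_hp().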
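class Switch:
    """Generate, write and push the configuration of one switch at a time.

    The instance is meant to be reused: the caller assigns the API record
    of a switch to ``self.switch`` and then calls ``gen_conf_and_write()``
    and ``apply_conf()``.
    """

    # Seconds to wait for the switch REST interface. Without a timeout,
    # ``requests`` can block forever on an unresponsive switch.
    REQUEST_TIMEOUT = 30

    # TFTP server from which the switch is told to fetch its configuration.
    TFTP_SERVER_ADDRESS = "10.231.100.249"

    def __init__(self):
        # Misspelled attribute kept so that any external reader still works.
        self.additionnal = None
        # Values computed by preprocess_hp() and handed to the template.
        self.additionals = None
        self.all_vlans = api_client.list("machines/vlan/")
        self.all_roles = api_client.list("machines/role/")
        # Load the HP template once; it is rendered for every switch.
        self.hp_tpl = ENV.get_template("templates/hp.tpl")
        self.conf = None
        self.name = None
        self.switch = None
        self.headers = None
        self.creds_dict = None

    def get_conf_file_name(self):
        """Return the configuration file name, ``<short_name>.conf``.

        The name is used as a path component under ``generated/`` and is
        sent to the switch as the TFTP file name, so a short name holding a
        path separator or a NUL byte is rejected.

        Raises:
            ValueError: if the resulting name is not a plain file name.
        """
        file_name = self.switch["short_name"] + ".conf"
        if any(char in file_name for char in ("/", "\\", "\x00")):
            raise ValueError(
                "unsafe switch short name for a file name: %r" % file_name
            )
        return file_name

    def _servers_for_role(self, role_type):
        """Return the ``servers`` value of the first role of *role_type*.

        Raises:
            IndexError: if the API returned no role of that type.
        """
        for role in self.all_roles:
            if role["role_type"] == role_type:
                return role["servers"]
        raise IndexError("no role of type %r returned by the API" % role_type)

    def preprocess_hp(self):
        """Precompute the values passed to Jinja, to keep the template simple.

        The result is stored in ``self.additionals``.

        Raises:
            IndexError: if one of the ntp-server, log-server, dhcp or
                radius-server roles is missing from ``self.all_roles``.
        """
        def add_to_vlans(vlans, vlan, port, tagged=True):
            """Record *port* as tagged or untagged member of *vlan*."""
            vlan_id = vlan['vlan_id']
            if vlan_id not in vlans:
                vlans[vlan_id] = {
                    'ports_tagged': [],
                    'ports_untagged': [],
                    'name': vlan['name'],
                }
            membership = 'ports_tagged' if tagged else 'ports_untagged'
            vlans[vlan_id][membership].append(str(port['port']))

        def vlan_ids_with(flag):
            """Return the ids of all VLANs whose *flag* field is truthy."""
            return [vlan["vlan_id"] for vlan in self.all_vlans if vlan[flag]]

        def ports_with(flag):
            """Return the port numbers (as strings) whose profile sets *flag*."""
            return [
                str(port['port'])
                for port in self.switch['ports']
                if port['get_port_profil'][flag]
            ]

        vlans = {}
        for port in self.switch['ports']:
            profile = port['get_port_profil']
            if profile['vlan_untagged']:
                add_to_vlans(vlans, profile['vlan_untagged'], port, tagged=False)
            if profile['vlan_tagged']:
                for vlan in profile['vlan_tagged']:
                    add_to_vlans(vlans, vlan, port)

        self.additionals = {
            'ra_guarded': ports_with('ra_guard'),
            'loop_protected': ports_with('loop_protect'),
            'vlans': vlans,
            'arp_protect_vlans': vlan_ids_with("arp_protect"),
            'dhcp_snooping_vlans': vlan_ids_with("dhcp_snooping"),
            'dhcpv6_snooping_vlans': vlan_ids_with("dhcpv6_snooping"),
            'ntp_servers': self._servers_for_role("ntp-server"),
            'log_servers': self._servers_for_role("log-server"),
            'dhcp_servers': self._servers_for_role("dhcp"),
            'radius_servers': self._servers_for_role("radius-server"),
            'igmp_vlans': vlan_ids_with("igmp"),
            'mld_vlans': vlan_ids_with("mld"),
        }

    def gen_conf_hp(self):
        """Render the HP configuration of the current switch into ``self.conf``."""
        self.preprocess_hp()
        self.conf = self.hp_tpl.render(
            switch=self.switch, additionals=self.additionals
        )

    def check_and_get_login(self):
        """Fetch the switch management credentials.

        Returns:
            True when credentials are available, False otherwise.
        """
        self.creds_dict = self.switch["get_management_cred_value"]
        return bool(self.creds_dict)

    def login_hp(self):
        """Log in to the REST interface of this switch and keep its cookie.

        Raises:
            requests.RequestException: on a network error, a timeout or a
                non-success HTTP status.
        """
        # NOTE(review): the login goes over plain HTTP, so the management
        # credentials and the session cookie cross the network unencrypted.
        # Move to https:// with certificate verification if the switches'
        # REST interface can serve TLS; until then keep this traffic on an
        # isolated management network.
        url_login = "http://" + self.switch["ipv4"] + "/rest/v3/login-sessions"
        payload_login = {
            "userName": self.creds_dict["id"],
            "password": self.creds_dict["pass"],
        }
        response = requests.post(
            url_login,
            data=json.dumps(payload_login),
            timeout=self.REQUEST_TIMEOUT,
        )
        # Fail with the HTTP status rather than with an obscure KeyError
        # when the switch refuses the login.
        response.raise_for_status()
        self.headers = {"Cookie": response.json()['cookie']}

    def apply_conf_hp(self):
        """Ask the switch, over REST, to restore its configuration via TFTP.

        Raises:
            requests.RequestException: on a network error, a timeout or a
                non-success HTTP status, so a refused restore is not
                silently ignored.
        """
        url_restore = (
            "http://" + self.switch["ipv4"] + "/rest/v4/system/config/cfg_restore"
        )
        # NOTE(review): TFTP offers no authentication or encryption; the
        # server holding the generated files should only be reachable from
        # the management network.
        data = {
            "server_type": "ST_TFTP",
            "file_name": self.get_conf_file_name(),
            "tftp_server_address": {
                "server_address": {
                    "ip_address": {
                        "version": "IAV_IP_V4",
                        "octets": self.TFTP_SERVER_ADDRESS,
                    }
                }
            },
        }
        response = requests.post(
            url_restore,
            data=json.dumps(data),
            headers=self.headers,
            timeout=self.REQUEST_TIMEOUT,
        )
        response.raise_for_status()

    def gen_conf_and_write(self):
        """Generate the configuration with the matching vendor code and write it.

        Nothing happens when the switch has no model or when its constructor
        is neither HP nor Aruba.
        """
        if not self.switch["model"]:
            return
        constructor = self.switch["model"]["constructor"].lower()
        if "hp" in constructor or "aruba" in constructor:
            self.gen_conf_hp()
            self.write_conf()

    def apply_conf(self):
        """Push the configuration to the switch when provisioning is enabled.

        Requires available credentials, a model and ``automatic_provision``
        set; only HP and Aruba constructors are handled.
        """
        if not self.check_and_get_login():
            return
        # Explicit comparison kept: only a value equal to True enables the push.
        if self.switch["model"] and self.switch["automatic_provision"] == True:
            constructor = self.switch["model"]["constructor"].lower()
            if "hp" in constructor or "aruba" in constructor:
                self.login_hp()
                self.apply_conf_hp()

    def write_conf(self):
        """Write the rendered configuration to ``generated/<short_name>.conf``."""
        with open("generated/" + self.get_conf_file_name(), 'w+') as f:
            f.write(self.conf)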
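print("gen tpl")

# One Switch instance is reused for every switch returned by the API.
sw = Switch()
failed = []
for switch in all_switchs:
    sw.switch = switch
    try:
        sw.gen_conf_and_write()
        sw.apply_conf()
    except (requests.RequestException, ValueError, KeyError) as err:
        # A switch that is unreachable or returns unusable data must not
        # stop the remaining switches from being processed; report it and
        # carry on.
        failed.append(switch.get("short_name"))
        print("failed for switch %s: %s" % (switch.get("short_name"), err))

if failed:
    # Exit non-zero so a scheduler or operator notices partial failures.
    raise SystemExit("%d switch(es) failed: %s" % (len(failed), failed))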