Hi all,
I had posted to this list a month or so ago about writing a module for an HP switch (HP V1910-24G Switch, Comware 5.0-based).
This has been quite a learning experience!
I reviewed this with my team today and there were some concerns that I might’ve taken the wrong approach.
I’ll explain what I’m dealing with:
-
This switch has an ssh interface and web UI (no exposed REST API that I can find)
-
This switch has a limited command-set that you have to enable (a “developer command-line mode”) if you want to do any useful work. Enabling means you type in a command, answer ‘Y’ to confirm, then type in a password (http://h30499.www3.hp.com/t5/Web-and-Unmanaged/How-limited-is-the-1910-CLI/td-p/5966697#.VCTQ-ktZsnj)
-
This switch has a very specific command set and levels of views within it
-
This switch doesn’t offer the ability, that I can find, to be able to do anything such as get a python binary on it (the Arista switch guys seem to do this)
What I wrote:
- I originally looked at a connection plugin, but the connection isn’t the problem
- The problem I had using either the default ssh or paramiko, I originally though was the ssh part. It isn’t, it is that Ansible attempts to create a temporary directory on the host it is running against. The switch can’t do this before turning on the “developer command-line mode”.
- I needed up writing a module that uses paramiko, but from within the module itself, so this module has to use “local_action” and supply a hostname, username, and password in the playbook to connect.
My playbooks appear like:
file: switch.yml
- hosts: localhost
tasks: - name: set switch in developer mode
local_action:
module: hpswitch
developer_mode: true
host: 192.168.x.x
save: true
username: admin
password: xxx
timeout: 30
vlans: - name: VLAN 11
id: 11
interfaces: - GigabitEthernet1/0/9
- GigabitEthernet1/0/10
state: present - name: VLAN 12
id: 12
interfaces: - GigabitEthernet1/0/11
- GigabitEthernet1/0/12
state: present
Which would create two VLANs. Or, I can use this form:
file: switch.yml
- hosts: localhost
tasks: - name: set switch in developer mode
hpswitch: developer_mode=true host=192.168.x.x name=admin password=xxxx
It was pointed out to me the way Arista does it as something to look at:
tasks:
- name: create vlan 999
action: arista_vlan vlan_id=999 logging=true
- name: create / edit vlan 999
action: arista_vlan vlan_id=999 name=test logging=true
- name: remove vlan 999
action: arista_vlan vlan_id=999 state=absent logging=true
This is very nice, but the Arista router has completely different features and it seems some sort of posix shell as well as python to use. I need to be very particular in how I talk to my switch.
The paramiko code I used I had to specifically use channel.send(cmd) and then read everything I could with channel.read() (as opposed to running exec_command()).
So, it seems to me that I need to somehow “hijack” the connection and have developer mode turned on before Ansible creates the temporary directory – and evan that (temp dir) I don’t know will work.
So, first off -
- What are the thoughts on the way I did this?
- Is there a way to use inventory hostname such that my playbook, even though using a local action, will use a connection to the remote machine without having it be in the playbook?
- Is having a remote temp dir required? Can it be turned off?
- Has anyone out there done anything like this?
Thank you!
PS. My fork is: https://github.com/CaptTofu/ansible, the features/hp_switch branch (work in progress!)