ansible-netmiko-stdlib icon indicating copy to clipboard operation
ansible-netmiko-stdlib copied to clipboard

Published 20 hours ago verified publisher icon supertylerc

Pre-Deploy Compare

Open coxley opened this issue 9 years ago • 4 comments

Have you had any thoughts about implementing a pre-deploy compare? I've been thinking of something to do for one-off FTOS devices (which is pretty cisco-like, but worse).

mpenning/ciscoconfparse seems to be a good fit for this, pretty sure they have a diff option.

coxley avatar Nov 12 '15 06:11 coxley

@coxley, sorry for the delayed response!

Supporting check mode (and using it to write pre-deploy comparisons) is something that I've considered, but it would require a lot of work to support non-IOS configs (such as Juniper or Vyatta).

I also don't currently have time to work on new features for the project. I would accept and merge any pull requests, though!

Thanks!

supertylerc avatar Dec 01 '15 00:12 supertylerc

@supertylerc, no problem!

For Juniper, though, you have junos-install-configs from their ansible stdlib - Nothing for IOS-like devices. Our issue is automating some unfortunate Cisco-like products that will remain for awhile.

For sure, I'd be fine with implementing it myself though I'm bad at piloting CiscoConfParse. Do you know if there's a way to "diff" configurations with it instead of auditing manually ('this line' must exist)?

coxley avatar Dec 01 '15 04:12 coxley

The biggest problem is guaranteeing order. Example of two configs that are identical but out of order:

In [1]: from ciscoconfparse import CiscoConfParse

In [2]: orig_conf = CiscoConfParse('orig.conf')

In [3]: new_conf = CiscoConfParse('new.conf')

In [4]: orig_conf.ioscfg
Out[4]: 
['!',
 '!',
 'interface FastEthernet0/0',
 ' description LAN',
 ' ip address 6.6.6.6 255.255.255.0',
 '!',
 'interface Loopback1',
 ' description Management',
 ' ip address 9.9.9.9 255.255.255.255',
 '!',
 '!']

In [5]: new_conf.ioscfg
Out[5]: 
['!',
 '!',
 'interface Loopback1',
 ' description Management',
 ' ip address 9.9.9.9 255.255.255.255',
 '!',
 'interface FastEthernet0/0',
 ' description LAN',
 ' ip address 6.6.6.6 255.255.255.0',
 '!',
 '!']

In [6]:

If you were to diff this, you'd get this:

 ❯ diff orig.conf new.conf
diff --git a/orig.conf b/new.conf
index 5526a9b..efaf139 100644
--- a/orig.conf
+++ b/new.conf
@@ -1,11 +1,11 @@
 !
 !
-interface FastEthernet0/0
- description LAN
- ip address 6.6.6.6 255.255.255.0
-!
 interface Loopback1
  description Management
  ip address 9.9.9.9 255.255.255.255
 !
+interface FastEthernet0/0
+ description LAN
+ ip address 6.6.6.6 255.255.255.0
+!
 !

CiscoConfParse would need to have a way to enforce order, and I don't think it does. You can get around this by writing a lot of code. You can probably use req_cfgspec_all_diff or similar. Saying that a line must exist is the best way I can think of to get an accurate "diff".

I know this probably isn't very helpful. :( IOS config is unstructured, unordered, and difficult to diff.

supertylerc avatar Dec 01 '15 05:12 supertylerc

Ah, yeah. :(

My thought was that sense CiscoConfParse knows about "objects" (items which have children config), it could diff easily at least on objects. But yeah, I can see where a lot of code would need to be written for it.

coxley avatar Dec 01 '15 05:12 coxley