Release 2.0.0

.travis.yml

@@ -7,6 +7,8 @@ rvm:
   - 2.2.2
   - 2.1.6
   - 2.0.0-p648 # specify non-clang version of ruby
+before_install:
+ - gem install bundler -v '< 2'
 
 script:
  - bundle exec rake

CHANGELOG.md

@@ -1,6 +1,30 @@
 Changelog
 =========
 
+## [v2.0.0]
+
+### New Cisco Resources
+
+### Added
+* Extend nxapi client for https support
+   * `use_ssl` will be true when `transport` is `https`
+   * now makes use of `port` for custom nxapi ports
+* Extend router_ospf_vrf with attribute:
+   * `redistribute`
+* `reset_instance` method to node. Allows a single instance of nodeutils to reset the environment cache.
+* Extend vxlan_vtep_vni with attribute:
+  * `suppress_arp_disable`
+* Extend vxlan_vtep with attributes:
+  * `global_suppress_arp`
+  * `global_ingress_replication_bgp`
+  * `global_mcast_group_l2`
+  * `global_mcast_group_l3`
+
+### Removed
+  * Removed cache in `node_util.node`, which gave every inheriting class it's own cache.
+
+### Changed
+
 ## [v1.10.0]
 
 ### New Cisco Resources
@@ -587,6 +611,7 @@ Cisco::Environment.add_env('default', env)
 [git-flow]: https://github.com/petervanderdoes/gitflow-avh
 [SimpleCov]: https://github.com/colszowka/simplecov
 
+[v2.0.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.10.0...v2.0.0
 [v1.10.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.9.0...v1.10.0
 [v1.9.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.8.0...v1.9.0
 [v1.8.0]: https://github.com/cisco/cisco-network-node-utils/compare/v1.7.0...v1.8.0

lib/cisco_node_utils/bgp.rb

@@ -827,7 +827,7 @@ def route_distinguisher=(rd)
       # explicit values when removing the rd command. These restrictions are
       # not not needed in I3 and newer images.
       Feature.nv_overlay_evpn_enable if
-        Utils.nexus_i2_image || node.product_id[/N7/]
+        Utils.nexus_i2_image || node.product_id[/N[567]/]
 
       if rd == default_route_distinguisher
         return if route_distinguisher.empty?

lib/cisco_node_utils/cisco_cmn_utils.rb

@@ -113,6 +113,14 @@ def self.chassis_pid?(ver_regexp)
       return true if Platform.chassis['pid'][ver_regexp]
     end
 
+    def self.fretta?
+      require_relative 'platform'
+      Platform.slots.each do |_x, row|
+        return true if row['pid'][/-R/]
+      end
+      false
+    end
+
     # Helper utility method for ip/prefix format networks.
     # For ip/prefix format '1.1.1.1/24' or '2000:123:38::34/64',
     # we need to mask the address using the prefix length so that they
@@ -362,9 +370,9 @@ def self.merge_range(range)
     end # merge_range
 
     def self.add_quotes(value)
-      return value if image_version?(/7.3/)
-      value = "\"#{value}\"" unless
-        value.start_with?('"') && value.end_with?('"')
+      return value if image_version?(/7.3.[0-1]/) || value.nil?
+      value = "'#{value}'" unless
+        value.start_with?('"', "'") && value.end_with?('"', "'")
       value
     end # add_quotes
 

lib/cisco_node_utils/client/nxapi/client.rb

@@ -2,7 +2,7 @@
 #
 # November 2014, Glenn F. Matthews
 #
-# Copyright (c) 2014-2016 Cisco and/or its affiliates.
+# Copyright (c) 2014-2019 Cisco and/or its affiliates.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -60,7 +60,11 @@ def initialize(**kwargs)
     else
       # Remote connection. This is primarily expected
       # when running e.g. from a Unix server as part of Minitest.
-      @http = Net::HTTP.new(@host)
+      @transport = kwargs[:transport] || 'http'
+      @verify_mode = kwargs[:verify_mode] || 'none'
+      @port.nil? ? @port = '' : @port = ":#{@port}"
+      uri = URI.parse("#{@transport}://#{@host}#{@port}")
+      @http = Net::HTTP.new(uri.host, uri.port)
     end
     # The default read time out is 60 seconds, which may be too short for
     # scaled configuration to apply. Change it to 300 seconds, which is
@@ -205,14 +209,18 @@ def req(type, command_or_list)
     request = build_http_request(type, command)
 
     # send the request and get the response
-    debug("Sending HTTP request to NX-API at #{@http.address}:\n" \
+    debug("Sending #{@transport} request to NX-API at #{@http.address}:\n" \
           "#{request.to_hash}\n#{request.body}")
     read_timeout_check(request)
     tries = 2
     begin
-      # Explicitly use http to avoid EOFError
-      # http://stackoverflow.com/a/23080693
-      @http.use_ssl = false
+      if @transport == 'https'
+        debug('Setting use_ssl to true')
+        @http.use_ssl = true
+        @http.verify_mode = handle_verify_mode(@verify_mode)
+      else
+        @http.use_ssl = false
+      end
       response = @http.request(request)
     rescue Errno::ECONNREFUSED, Errno::ECONNRESET
       emsg = 'Connection refused or reset. Is the NX-API feature enabled?'
@@ -268,6 +276,32 @@ def build_http_request(type, command_string)
   end
   private :build_http_request
 
+  # Returns the OpenSSL verify mode based on the verify_mode arguments
+  #
+  # @raise if verify_mode param is not `peer`, `client-once`, `fail-no-peer`
+  #        or `none`
+  #
+  # @param String verify mode to use
+  #
+  # @return OpenSSL::SSL verification mode
+  def handle_verify_mode(verify_mode)
+    case verify_mode
+    when 'peer'
+      OpenSSL::SSL::VERIFY_PEER
+    when 'client-once'
+      OpenSSL::SSL::VERIFY_CLIENT_ONCE
+    when 'fail-no-peer'
+      OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
+    when 'none'
+      OpenSSL::SSL::VERIFY_NONE
+    else
+      fail "#{verify_mode} is not a valid mode, " \
+            'valid modes are: "none", "peer", ' \
+            '"client-once", "fail-no-peer"'
+    end
+  end
+  private :handle_verify_mode
+
   def handle_http_response(response)
     debug("HTTP Response: #{response.message}\n#{response.body}")
     case response

lib/cisco_node_utils/cmd_ref/acl.yaml

@@ -36,7 +36,7 @@ all_acls:
 
 fragments:
   # Note: The ACL 'fragments' keyword is independent of ACE 'fragments'
-  _exclude: [N5k, N6k]
+  _exclude: [N5k, N6k, N3k-F, N9k-F]
   get_value: '/fragments (\S+)$/'
   set_value: '<state> fragments <action>'
   default_value: ~

lib/cisco_node_utils/cmd_ref/banner.yaml

@@ -1,7 +1,11 @@
 # banner
 ---
 motd:
-  default_value: "User Access Verification\n"
+  N5k: &N6000
+    default_value: "Nexus 6000 Switch\n"
+  N6k: *N6000
+  else:
+    default_value: "User Access Verification\n"
   get_command: 'show banner motd'
   get_value: '/^.*$/m'
   set_value: '<state> banner motd <motd>'

lib/cisco_node_utils/cmd_ref/feature.yaml

@@ -31,8 +31,14 @@ fabric_forwarding:
   get_value: '/^feature fabric forwarding$/'
   set_value: "feature fabric forwarding"
 
+fabricpath:
+  _exclude: [N3k, N3k-F, N9k-F, N9k]
+  get_command: "show feature-set"
+  get_value: '/^fabricpath[\s\d]+(\w+)/'
+  set_value: "<state> feature-set fabricpath"
+
 fex:
-  _exclude: [C3064, C3132, N5k, N6k, N3k-F, N9k-F]
+  _exclude: [C3048, C3064, C3132, N5k, N6k, N3k-F, N9k-F]
   get_command: "show feature-set"
   get_value: '/^fex[\s\d]+(\w+)/'
   set_value: "<state> feature-set fex"
@@ -113,6 +119,7 @@ vni:
     set_value: 'feature vn-segment-vlan-based'
 
 vtp:
+  _exclude: [N3k-F, N9k-F]
   kind: boolean
   get_value: '/^feature vtp$/'
   set_value: "<state> feature vtp"

lib/cisco_node_utils/cmd_ref/interface_ospf.yaml

@@ -21,7 +21,7 @@ bfd:
   # no config at all so need to grab the optional
   # match to get the whole config for checking
   # the mode
-  get_value: '/^\s*ip ospf bfd *(?:\S+)?$/'
+  get_value: '/^\s*ip ospf bfd *(?:\S*)$/'
   set_value: '%s ip ospf bfd %s'
   default_value: ~
 

lib/cisco_node_utils/cmd_ref/interface_service_vni.yaml

@@ -11,6 +11,11 @@ _template:
     - 'interface <name>'
     - 'service instance <sid> vni'
 
+all_interfaces:
+  multiple:
+  get_context: ~
+  get_value: '/^interface (.*)/'
+
 all_service_vni_ids:
   multiple:
   get_context:

lib/cisco_node_utils/cmd_ref/inventory.yaml

@@ -41,5 +41,5 @@ versionid:
   nexus:
     get_value: ["name \"Chassis\"", "vendorid"]
   N5k: &vendorid5k
-    get_value: ["name Chassis", "serialnum"]
+    get_value: ["name Chassis", "vendorid"]
   N6k: *vendorid5k

lib/cisco_node_utils/cmd_ref/ospf.yaml

@@ -39,6 +39,13 @@ process_initialized:
   get_command: "show ip ospf stat"
   get_value: '/^No SAP is registered/' # Ospf is not initialized when seen
 
+redistribute:
+  # no support yet for redistribute maximum-prefix
+  multiple: true
+  get_value: '/^redistribute (\S+ ?\S+?) route-map (\S+)$/'
+  set_value: '<state> redistribute <protocol> route-map <route_map>'
+  default_value: []
+
 router:
   multiple: true
   get_command: "show running ospf"

lib/cisco_node_utils/cmd_ref/route_map.yaml

@@ -361,7 +361,7 @@ set_distance_local:
 
 # there is more than one space before delete on some platforms
 set_extcomm_list:
-  get_value: '/^set extcomm-list (\S+)(?:\s+)? delete$/'
+  get_value: '/^set extcomm-list (\S+)\s+delete$/'
   set_value: "<state> set extcomm-list <list> delete"
   default_value: false
 

lib/cisco_node_utils/cmd_ref/vtp.yaml

@@ -1,6 +1,6 @@
 # vtp
 ---
-_exclude: [ios_xr]
+_exclude: [ios_xr, N3k-F, N9k-F]
 
 # VTP behaves differently across the various Nexus platforms and as a
 # result it's not currently possible to use a single 'show running'

lib/cisco_node_utils/cmd_ref/vxlan_vtep.yaml

@@ -12,6 +12,36 @@ all_interfaces:
   get_context: ~
   get_value: '/^interface (.*)$/'
 
+global_ingress_replication_bgp:
+  _exclude: [N3k-F, N5k, N6k, N7k, N9k-F]
+  os_version: 'N9k:9.2'
+  kind: boolean
+  get_value: '/^global ingress-replication protocol bgp$/'
+  set_value: '<state> global ingress-replication protocol bgp'
+  default_value: false
+
+global_mcast_group_l2:
+  _exclude: [N3k-F, N5k, N6k, N7k]
+  os_version: 'N9k, N9k-F:9.2'
+  get_value: '/^global mcast-group (\S+) L2$/'
+  set_value: '<state> global mcast-group <ip> L2'
+  default_value: ~
+
+global_mcast_group_l3:
+  _exclude: [N3k-F, N5k, N6k, N7k, N9k-F]
+  os_version: 'N9k:9.2'
+  get_value: '/^global mcast-group (\S+) L3$/'
+  set_value: '<state> global mcast-group <ip> L3'
+  default_value: ~
+
+global_suppress_arp:
+  _exclude: [N3k-F, N5k, N6k, N7k]
+  os_version: 'N9k, N9k-F:9.2'
+  kind: boolean
+  get_value: '/^global suppress-arp$/'
+  set_value: '<state> global suppress-arp'
+  default_value: false
+
 host_reachability:
   get_value: '/^host-reachability protocol (\S+)/'
   set_value: '<state> host-reachability protocol <proto>'

lib/cisco_node_utils/cmd_ref/vxlan_vtep_vni.yaml

@@ -16,7 +16,7 @@ all_vnis:
   get_value: '/^member vni (\d+|\d+-\d+) ?(associate-vrf)?$/'
 
 ingress_replication:
-  _exclude: [N5k, N6k, N7k]
+  _exclude: [N3k-F, N5k, N6k, N7k, N9k-F]
   kind: string
   get_value: '/^ingress-replication protocol (\S+)$/'
   set_value: '<state> ingress-replication protocol <protocol>'
@@ -35,7 +35,7 @@ multisite_ingress_replication:
   default_value: false
 
 peer_list:
-  _exclude: [N5k, N6k, N7k]
+  _exclude: [N3k-F, N5k, N6k, N7k, N9k-F]
   multiple:
   get_context:
     - '/^interface <name>$/i'
@@ -55,6 +55,13 @@ suppress_arp:
   set_value: '<state> suppress-arp'
   default_value: false
 
+suppress_arp_disable:
+  _exclude: [N3k-F, N5k, N6k, N7k]
+  os_version: 'N9k, N9k-F:9.2'
+  get_value: '/^suppress-arp disable$/'
+  set_value: '<state> suppress-arp disable'
+  default_value: ~
+
 suppress_uuc:
   _exclude: [N3k-F, N9k-F, N9k]
   os_version: 'N7k:8.1.1'

lib/cisco_node_utils/command_reference.rb

@@ -437,8 +437,8 @@ def debug(text)
       puts "DEBUG: #{text}" if @@debug
     end
 
-    KNOWN_PLATFORMS = %w(C3064 C3132 C3172 N35 N3k N3k-F N5k N6k N7k N9k N9k-F
-                         XRv9k)
+    KNOWN_PLATFORMS = %w(C3048 C3064 C3132 C3172 N35 N3k N3k-F N5k N6k N7k N9k
+                         N9k-F XRv9k)
 
     def self.platform_to_filter(platform)
       if KNOWN_PLATFORMS.include?(platform)

lib/cisco_node_utils/dhcp_relay_global.rb

@@ -172,7 +172,6 @@ def default_ipv4_src_addr_hsrp
 
     def ipv4_src_intf
       intf = config_get('dhcp_relay_global', 'ipv4_src_intf')
-      # Normalize by downcasing and removing white space
       intf = intf.downcase.delete(' ') if intf
       intf
     end
@@ -207,10 +206,7 @@ def default_ipv4_sub_option_circuit_id_custom
     def ipv4_sub_option_circuit_id_string
       str = config_get('dhcp_relay_global', 'ipv4_sub_option_circuit_id_string')
       # Normalize by removing white space and add quotes
-      if str
-        str.strip!
-        str = Utils.add_quotes(str)
-      end
+      str.strip! if str.kind_of?(String)
       str
     end