root / ncclient / manager.py @ e3b66e4b
History | View | Annotate | Download (6.6 kB)
| 1 |
# Copyright 2009 Shikhar Bhushan
|
|---|---|
| 2 |
#
|
| 3 |
# Licensed under the Apache License, Version 2.0 (the "License");
|
| 4 |
# you may not use this file except in compliance with the License.
|
| 5 |
# You may obtain a copy of the License at
|
| 6 |
#
|
| 7 |
# http://www.apache.org/licenses/LICENSE-2.0
|
| 8 |
#
|
| 9 |
# Unless required by applicable law or agreed to in writing, software
|
| 10 |
# distributed under the License is distributed on an "AS IS" BASIS,
|
| 11 |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 12 |
# See the License for the specific language governing permissions and
|
| 13 |
# limitations under the License.
|
| 14 |
|
| 15 |
"This module is a thin layer of abstraction around the library. It exposes all core functionality."
|
| 16 |
|
| 17 |
import capabilities |
| 18 |
import operations |
| 19 |
import transport |
| 20 |
|
| 21 |
import logging |
| 22 |
logger = logging.getLogger('ncclient.manager')
|
| 23 |
|
| 24 |
CAPABILITIES = [ |
| 25 |
"urn:ietf:params:netconf:base:1.0",
|
| 26 |
"urn:ietf:params:netconf:capability:writable-running:1.0",
|
| 27 |
"urn:ietf:params:netconf:capability:candidate:1.0",
|
| 28 |
"urn:ietf:params:netconf:capability:confirmed-commit:1.0",
|
| 29 |
"urn:ietf:params:netconf:capability:rollback-on-error:1.0",
|
| 30 |
"urn:ietf:params:netconf:capability:startup:1.0",
|
| 31 |
"urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file,https,sftp",
|
| 32 |
"urn:ietf:params:netconf:capability:validate:1.0",
|
| 33 |
"urn:ietf:params:netconf:capability:xpath:1.0",
|
| 34 |
"urn:liberouter:params:netconf:capability:power-control:1.0"
|
| 35 |
"urn:ietf:params:netconf:capability:interleave:1.0"
|
| 36 |
#'urn:ietf:params:netconf:capability:notification:1.0', # TODO
|
| 37 |
] |
| 38 |
"""A list of URI's representing the client's capabilities. This is used during the initial
|
| 39 |
capability exchange. Modify this if you need to announce some capability not already included.
|
| 40 |
"""
|
| 41 |
|
| 42 |
OPERATIONS = {
|
| 43 |
"get": operations.Get,
|
| 44 |
"get_config": operations.GetConfig,
|
| 45 |
"edit_config": operations.EditConfig,
|
| 46 |
"copy_config": operations.CopyConfig,
|
| 47 |
"validate": operations.Validate,
|
| 48 |
"commit": operations.Commit,
|
| 49 |
"discard_changes": operations.DiscardChanges,
|
| 50 |
"delete_config": operations.DeleteConfig,
|
| 51 |
"lock": operations.Lock,
|
| 52 |
"unlock": operations.Unlock,
|
| 53 |
"close_session": operations.CloseSession,
|
| 54 |
"kill_session": operations.KillSession,
|
| 55 |
"poweroff_machine": operations.PoweroffMachine,
|
| 56 |
"reboot_machine": operations.RebootMachine
|
| 57 |
} |
| 58 |
"""Dictionary of method names and corresponding `~ncclient.operations.RPC` subclasses. It is used to
|
| 59 |
lookup operations, e.g. "get_config" is mapped to `~ncclient.operations.GetConfig`. It is thus
|
| 60 |
possible to add additional operations to the `Manager` API."""
|
| 61 |
|
| 62 |
def connect_ssh(*args, **kwds): |
| 63 |
"""Initializes a NETCONF session over SSH, and creates a connected `Manager` instance. *host*
|
| 64 |
must be specified, all the other arguments are optional and depend on the kind of host key
|
| 65 |
verification and user authentication you want to complete.
|
| 66 |
|
| 67 |
For the purpose of host key verification, on -NIX systems a user's :file:`~/.ssh/known_hosts`
|
| 68 |
file is automatically considered. The *unknown_host_cb* argument specifies a callback that will
|
| 69 |
be invoked when the server's host key cannot be verified. See
|
| 70 |
:func:`~ncclient.transport.ssh.default_unknown_host_cb` for function signature.
|
| 71 |
|
| 72 |
First, ``publickey`` authentication is attempted. If a specific *key_filename* is specified, it
|
| 73 |
will be loaded and authentication attempted using it. If *allow_agent* is :const:`True` and an
|
| 74 |
SSH agent is running, the keys provided by the agent will be tried. If *look_for_keys* is
|
| 75 |
:const:`True`, keys in the :file:`~/.ssh/id_rsa` and :file:`~.ssh/id_dsa` will be tried. In case
|
| 76 |
an encrypted key file is encountered, the *password* argument will be used as a decryption
|
| 77 |
passphrase.
|
| 78 |
|
| 79 |
If ``publickey`` authentication fails and the *password* argument has been supplied,
|
| 80 |
``password`` / ``keyboard-interactive`` SSH authentication will be attempted.
|
| 81 |
|
| 82 |
:param host: hostname or address on which to connect
|
| 83 |
:type host: `string`
|
| 84 |
|
| 85 |
:param port: port on which to connect
|
| 86 |
:type port: `int`
|
| 87 |
|
| 88 |
:param timeout: timeout for socket connect
|
| 89 |
:type timeout: `int`
|
| 90 |
|
| 91 |
:param unknown_host_cb: optional; callback that is invoked when host key verification fails
|
| 92 |
:type unknown_host_cb: `function`
|
| 93 |
|
| 94 |
:param username: username to authenticate with, if not specified the username of the logged-in user is used
|
| 95 |
:type username: `string`
|
| 96 |
|
| 97 |
:param password: password for ``password`` authentication or passphrase for decrypting private key files
|
| 98 |
:type password: `string`
|
| 99 |
|
| 100 |
:param key_filename: location of a private key file on the file system
|
| 101 |
:type key_filename: `string`
|
| 102 |
|
| 103 |
:param allow_agent: whether to try connecting to SSH agent for keys
|
| 104 |
:type allow_agent: `bool`
|
| 105 |
|
| 106 |
:param look_for_keys: whether to look in usual locations for keys
|
| 107 |
:type look_for_keys: `bool`
|
| 108 |
|
| 109 |
:raises: :exc:`~ncclient.transport.SSHUnknownHostError`
|
| 110 |
:raises: :exc:`~ncclient.transport.AuthenticationError`
|
| 111 |
|
| 112 |
:rtype: `Manager`
|
| 113 |
"""
|
| 114 |
session = transport.SSHSession(capabilities.Capabilities(CAPABILITIES)) |
| 115 |
session.load_known_hosts() |
| 116 |
session.connect(*args, **kwds) |
| 117 |
return Manager(session)
|
| 118 |
|
| 119 |
connect = connect_ssh |
| 120 |
"Same as :func:`connect_ssh`, since SSH is the default (and currently, the only) transport."
|
| 121 |
|
| 122 |
class Manager(object): |
| 123 |
|
| 124 |
def __init__(self, session): |
| 125 |
self._session = session
|
| 126 |
self._async_mode = False |
| 127 |
self._timeout = None |
| 128 |
self._raise_mode = 'all' |
| 129 |
|
| 130 |
def __enter__(self): |
| 131 |
return self |
| 132 |
|
| 133 |
def __exit__(self, *argss): |
| 134 |
self.close_session()
|
| 135 |
return False |
| 136 |
|
| 137 |
def __getattr__(self, name): |
| 138 |
op = OPERATIONS.get(name, None)
|
| 139 |
if op is None: |
| 140 |
raise AttributeError |
| 141 |
else:
|
| 142 |
return op(self._session, |
| 143 |
async=self._async_mode,
|
| 144 |
timeout=self._timeout,
|
| 145 |
raise_mode=self._raise_mode).request
|
| 146 |
|
| 147 |
def locked(self, target): |
| 148 |
return operations.LockContext(self._session, target) |
| 149 |
|
| 150 |
@property
|
| 151 |
def client_capabilities(self): |
| 152 |
return self._session._client_capabilities |
| 153 |
|
| 154 |
@property
|
| 155 |
def server_capabilities(self): |
| 156 |
return self._session._server_capabilities |
| 157 |
|
| 158 |
@property
|
| 159 |
def session_id(self): |
| 160 |
return self._session.id |
| 161 |
|
| 162 |
@property
|
| 163 |
def connected(self): |
| 164 |
return self._session.connected |
| 165 |
|
| 166 |
def set_async_mode(self, mode): |
| 167 |
self._async_mode = mode
|
| 168 |
|
| 169 |
def set_raise_mode(self, mode): |
| 170 |
assert(choice in ("all", "errors", "none")) |
| 171 |
self._raise_mode = mode
|
| 172 |
|
| 173 |
async_mode = property(fget=lambda self: self._async_mode, fset=set_async_mode) |
| 174 |
|
| 175 |
raise_mode = property(fget=lambda self: self._raise_mode, fset=set_raise_mode) |