-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathcisco_ios.rb
79 lines (74 loc) · 2.66 KB
/
cisco_ios.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
require 'puppet/resource_api'
Puppet::ResourceApi.register_transport(
name: 'cisco_ios',
desc: <<-EOS,
This transport connects to a Cisco IOS device.
EOS
features: [],
connection_info: {
host: {
type: 'String',
desc: 'The FQDN or IP address of the device to connect to.',
},
port: {
type: 'Optional[Integer]',
desc: 'The port of the device to connect to. (Default: 22)',
},
user: {
type: 'String',
desc: 'The username to use for authenticating all connections to the device.',
},
password: {
type: 'String',
sensitive: true,
desc: 'The password to use for authenticating all connections to the device.',
},
enable_password: {
type: 'String',
sensitive: true,
desc: 'The password to use for entering into enable mode on the device.',
},
timeout: {
type: 'Optional[Integer]',
desc: 'Timeout value in seconds, to wait on a connection request. (Default: 30)',
},
verify_hosts: {
type: 'Optional[Boolean]',
desc: <<-DESC,
Setting to false will disable the verification of the SSH host fingerprint. (Default: true)
Note (Security Warning) Disabling verification has security risks and should be done only after considering the implications.
DESC
default: true,
},
known_hosts_file: {
type: 'Optional[String]',
desc: <<-DESC,
The location to store device host keys. The location will be used on the node running the catalog, not the device.
The SSH host key, and hence its identity, will not be verified during the first connection
attempt. The host key will be added to this file and verified on subsequent accesses.
To force using specific host keys, instead of trusting the initial connection handshake, deploy a `known_hosts` file to your puppet server, or proxy agent, with verified fingerprints and specify that file here.
(Default is based on the device's cache directory. For example: `/opt/puppetlabs/puppet/cache/devices/<CERTNAME>/ssl/known_hosts`)
DESC
},
ssh_logging: {
type: 'Optional[Boolean]',
desc: <<-DESC,
If set to true, SSH session will be logged for debug purposes.
Requires Puppet debug level set to `debug`.
(Default: false)
DESC
},
ssh_log_file: {
type: 'Optional[String]',
desc: <<-DESC,
Absolute path to the file for which SSH logging will be written. Requires `ssh_logging` to be set to `true`.
(Default: $puppet[:statedir]/SSH_I_DUMPED)
See: https://puppet.com/docs/puppet/5.3/configuration.html#statedir
DESC
},
command_timeout: {
type: 'Optional[Integer]',
desc: 'Timeout value in seconds, to wait on a response to a command. (Default: 120)',
},
},
)