Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nornir 2.4.0 requires SSH config file for NETCONF connections #537

Closed
nickrusso42518 opened this issue May 9, 2020 · 2 comments · Fixed by #538
Closed

Nornir 2.4.0 requires SSH config file for NETCONF connections #537

nickrusso42518 opened this issue May 9, 2020 · 2 comments · Fixed by #538

Comments

@nickrusso42518
Copy link

Creating simple "shim" tasks for NETCONF fails in Nornir 2.4.0 but works in Nornir 2.3.0. This seems more like a lower level Nornir connection/option handling problem than a NETCONF problem.

Nornir runbook:

(pspynet) [centos@devbox nornir_nc_issue]$ cat get_runbook.py
#!/usr/bin/env python

from nornir import InitNornir
from nornir.core.task import Result

def netconf_get_config(task, source="running", **kwargs):
    conn = task.host.get_connection("netconf", task.nornir.config)
    result = conn.get_config(source=source, **kwargs)
    return Result(host=task.host, result=result)

def print_config(task):
    vrf_filter = ("subtree", "<native><vrf></vrf></native>")
    try:
        mresult = task.run(task=netconf_get_config, filter=vrf_filter)
        print(mresult[0].result)
    except Exception as exc:
        print(exc.result.result)

nornir = InitNornir()
nornir.run(task=print_config)

Inventory file:

(pspynet) [centos@devbox nornir_nc_issue]$ cat hosts.yaml
---
devnet_sbx_iosxe:
  hostname: ios-xe-mgmt-latest.cisco.com
  username: developer
  password: C1sco12345
  platform: ios
  port: 10000  # sandbox uses 10000 for NETCONF
  connection_options:
    netconf:
      extras:
        allow_agent: false
        hostkey_verify: false
        look_for_keys: false

Everything works on Nornir 2.3.0 without issue.

(pspynet) [centos@devbox nornir_nc_issue]$ pip list | grep nornir
nornir                       2.3.0
(pspynet) [centos@devbox nornir_nc_issue]$ python get_runbook.py
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:563ec7d8-f01a-45b1-b2ca-966d9a5755a1" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><data><native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native"><vrf><definition><name>CUST1</name><rd>1:1</rd><route-target><export><asn-ip>1:1</asn-ip></export><import><asn-ip>1:1</asn-ip></import></route-target></definition></vrf></native></data></rpc-reply>

Nornir 2.4.0 appears to require an SSH config file and fails.

(pspynet) [centos@devbox nornir_nc_issue]$ pip list | grep nornir
nornir                       2.4.0
(pspynet) [centos@devbox nornir_nc_issue]$ python get_runbook.py
Traceback (most recent call last):
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/nornir/core/task.py", line 85, in start
    r = self.task(self, **self.params)
  File "get_runbook.py", line 7, in netconf_get_config
    conn = task.host.get_connection("netconf", task.nornir.config)
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/nornir/core/inventory.py", line 302, in get_connection
    extras=conn.extras,
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/nornir/core/inventory.py", line 352, in open_connection
    configuration=configuration,
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/nornir/plugins/connections/netconf.py", line 118, in open
    connection = manager.connect_ssh(**parameters)
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/ncclient/manager.py", line 143, in connect_ssh
    session.connect(*args, **kwds)
  File "/home/centos/environments/pspynet/lib/python3.7/site-packages/ncclient/transport/ssh.py", line 355, in connect
    with open(os.path.expanduser(ssh_config)) as ssh_config_file_obj:
FileNotFoundError: [Errno 2] No such file or directory: '/home/centos/.ssh/config'

To make this issue easy to replicate, you can use the Cisco DevNet sandbox for quick tests using the script and inventory file provided in this issue. If this behavior is expected (ie, that Nornir will now be requiring these SSH config files), I would appreciate a link to the release notes or documentation explaining it. I wasn't able to find anything after searching.
@ktbyers
Copy link
Collaborator

ktbyers commented May 10, 2020

It is this change here:

#481

Basically there was an earlier bug...that needed fixed that was hiding this other problem.

Given the behavior of ncclient, it probably makes sense to validate that ~/.ssh/config actually exists before passing it in as an argument to ncclient.

This code is here:

https://github.com/nornir-automation/nornir/blob/develop/nornir/plugins/connections/netconf.py#L111

@dbarrosop dbarrosop mentioned this issue May 10, 2020
Merged
@dbarrosop
Copy link
Contributor

I opened a PR that fixes this issue /cc @ogenstad

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

pass ssh_config only if file exists nornir-automation/nornir
3 participants
@ktbyers @dbarrosop @nickrusso42518