Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Does changing a node line in router.db always have to destroy the version history ? #534

Closed
airbear-thebear opened this issue Aug 19, 2016 · 14 comments
Labels

Comments

@airbear-thebear
Copy link

airbear-thebear commented Aug 19, 2016

If I make a simple change to a node - eg. to override the default username, I lose the change history for that node!

@ytti
Copy link
Owner

ytti commented Aug 19, 2016

No that shouldn't happen. We only care about the node name and we never delete old nodes.

@danilopopeye
Copy link
Contributor

I lose the change history for that node!

have you restarted oxidized or just issued a reload?

@ytti
Copy link
Owner

ytti commented Aug 19, 2016

I guess we interpreted 'version history' differently. I interpreted as git versions. But I feel like @danilopopeye interpreted as runtime stats.

Runtime stats are currently lost every time nodes are loaded. We should have runtime state in sqlite instead of memory, but when will that happen is another story.

@airbear-thebear
Copy link
Author

Thanks, obviously, my terminology was a bit crappy. The issue for me is that, if I reload nodes and there is any change to a node line, then the version history through the web interface is emptied.

The git repository retains the history as expected.

I guess what I am looking for is an on-premise web interface to the git repository. Would getting oxidized to push to gitlab be the best approach, or is there something better?

@ytti
Copy link
Owner

ytti commented Aug 22, 2016

My preferred solution is gitlab for sure. But almost every organisation already has something, gitlab, github, stash, bitbucket..., if you already have something, it makes most sense to use what you have.

If you don't have anything, I'm surprised (where do you keep your stuff man:), install gitlab.

@danilopopeye
Copy link
Contributor

The issue for me is that, if I reload nodes and there is any change to a node line, then the version history through the web interface is emptied.

maybe we should investigate a little more and fix the oxidised-web too? 😄

could you post some screenshots to exemplify your issue?

@airbear-thebear
Copy link
Author

I have attached some screenshots, but it's really very simple.

First I ran with a single node for a while, using node file "before_router.db.txt".
Then I took screenshot "before_conf_change.PNG".
Then I changed router.db to override the default value for username with the same value, see file "after_router.db.txt".
Then I reloaded nodes.
Then I took screenshot "after_conf_change.PNG"

I have also attached config and oxidized log and output from `git log'.

Unfortunately, my evidence doesn't show it but, any unchanged node lines are unaffected.

after_conf_change
after_router.db.txt
before_conf_change
before_router.db.txt
config.txt
gitlog.txt
oxidized.log.txt

@ytti
Copy link
Owner

ytti commented Aug 23, 2016

I think the problem is the '/' in start of the name. This causes node to be 'nil' and group to be 'testnode'.

@airbear-thebear
Copy link
Author

I see. That's probably my bad nginx proxy config. It's not coming from the node config. I'll test around that and let you know.

@ytti
Copy link
Owner

ytti commented Aug 23, 2016

I seriously suspect you'd rewrite the node name in query, it's probably problem in oxidized-web. But I can't be arsed to look for it now.
I'm guessing you'll get list of devices, and in that list of devices, after reload, the node name is prefixed with '/'?

@danilopopeye
Copy link
Contributor

@airbear-thebear any update?

@airbear-thebear
Copy link
Author

airbear-thebear commented Aug 30, 2016

Hi,
It seems that changing the username field is also changing the group field. The update/change history is persistent but, I am simply seeing a different history for the same node, in a different group.
I believe this is pretty much what ytti suspected would be the problem?

The below was taken with my browser connecting directly to Oxidized-web (no NGINX).

So, here's a recap on the config:

source:
  default: csv
  csv:
    file: /home/oxidized/.config/oxidized/router.db
    delimiter: !ruby/regexp /:/
    # Here we are setting variables based on CSV columns:
    # ie.  name = col0, model = col1 ...
    map:
      name: 0
      model: 1
      group: 2
      username: 3
      password: 4
      input: 6
    vars_map:
      enable: 5

Here is router.db:
default_username_router.db.txt

Here is what the overview looks like:
default_username

Here is the history for node "csw01":
default_username_history

Now I put a value in the username field for node "csw01":
username_router.db.txt

I reload nodes and refresh. Now the nodes overview changes:
username

And we see a (persistent) but different history for node "csw01":
username_history

Changing the config back to use an empty username field will return the node to the "default" group and restore the update history.

@ytti
Copy link
Owner

ytti commented Aug 30, 2016

Your problem:

[ytti@ytti.fi ~]% pry
[1] pry(main)> "bigip-01:tmos::username:password::".split(":")[2]
=> ""
[2] pry(main)> "bigip-01:tmos:::::".split(":")[2]
=> nil
[3] pry(main)>

This relates to issue #500. We don't have clear way to specify

  1. I have value, but it is empty
  2. I have value, and it is not empty
  3. I do not have value

Now after you add username and password, the 'missing' fields become 'has value, empty'. Before adding them, they are 'no value'.

I'm thinking of adding 'pseudo types', so you could populate them with nil to indicate lack of value. Or something similar if other people have another solution for #500

Right now, you could solve your problem by changing the mapping order, so group is after username/password. Or just remove group, as you don't seem to use it.

@ytti
Copy link
Owner

ytti commented Aug 30, 2016

To put that plainly, after you specify username:password, you accidentally also specify group, which happens to be empty string.

We will fix the behaviour, unsure how yet. Probably in a way where you need to enter 'nil' or 'false' in fields without value. And :: will be empty string.

But in mean time, either remove group mapping if you don't use it, or juggle them around for desired effect.

@ytti ytti closed this as completed in e638e7c Sep 28, 2016
MajesticFalcon added a commit to MajesticFalcon/oxidized that referenced this issue Feb 6, 2017
* Remove extra new lines added by export command

* Updated Dockerfile to use ruby 2.3

* ruby2.1 behaves oddly with this style of dependcy

fixed ytti#565

* rollback `alvarion` model

wrongly removed in 56bac97

* interpolate node variable values

Empty value was variably considered "" or nil, now it will always be ""
string.

Now "nil", "false", "true" strings are converted to their respective
types nil, false and true.

This also means we cannot have verbatim strings by that name, like if
your password was "false", you're shit out of luck. If this is the case,
we can add some __false__ hack or consider other similar solutions.

Fixes ytti#500
Fixes ytti#534

May break stuff with ""/nil changing now, but as it was not consistent
to begin with, I find it acceptable. Users now may need to manually
enter nil in some fields to regain old behaviour.

* update CHANGELOG

* bump up version

* Redoing the modifications on a up to date base

* Redoing the modifications on a up to date base

* update model names

* add links to models

* add comware link

name contained -, which my replace regexp didn't allow, thus didn't
generate link for that model

* regexp missed this model

* prompt not captured after sending enabe PW

fixes ytti#577

* The \n is not seen as a lineline with ' it need "

* Update README.md

Added correction related to issue ytti#445 and docker-compose file example

* Interpolate also node variables, not just vars map

Fixes ytti#583

* Add nginx reverse proxy example

* Add apache2 reverse proxy example

* Add key authentication to ssh input

* bump up version

* Use variable vars(:ssh_keys) for private key authentication

* Fix blank pfSense configs being saved if regex doesn't match

* Update regex to match newer pfSense config files

* Add missing dependency for Rugged

* Added support for fujitsu blade switches

* Added Support for MRV FiberDriver Linux based management module

* fetch should return string, not array

Also if group was explicitly given, we referred to wrong directory

* return nil if we can't find file

unsure if we really should, or just raise the error and let consumer of
fetch decide what to do with the error

* add support for the HPE BladeSystem

* add Ruby.gitignore from github.com/github/gitignore

* Allow model to specify SSH PTY options

* it shouldn't be a private method

* add Planet SGS switches

* add to README

* Update dnos.rb

Handles old DNOS switches that do not allow term length 0 prior to enable, and double exits in case of enable..

* expect prompt after sending enable password

* Added support for Trango/Trangolink-45

I only have the Trangolink-45 so I'm not sure which other radios this
might support.

* This adds support for the Casa C1G CMTS

This will probably work for the other Casa CMTS as well.

* This adds support for D-Link switches

This specifically supports DES-3526/3550 series switches.

* This adds support for Hatteras Networks devices

* renamed  alvarion -> alvarion.rb

I believe from this:
require File.join dir, file+'.rb'

That the only way this model would work is if it has a .rb extension.  I
don't have any of these devices to test if this works.

* add support for PLANET SG switches

So far, only SGS switches were supported.

Now, we check the model type during the 'show version' command, and only
execute the 'show transceiver details' command in case an SGS switch was
detected (as its not supported on SG models).
We will also strip lines containing the current System Time and Uptime.
These only appear on SG models, but it's a good idea to strip them anyways.

* expect prompt after entering enable password

* Update ciscosmb.rb

Adapted for SG series, not sure about SF.

Please test.

* Update ciscosmb.rb

Forgot the username prompt change.

* Update ciscosmb.rb

Added old commands in case of different CLI variations.

* Added option to disable ssl verification checks for http source

* Updated config options

* New hook: awssns - Publish messages to AWS SNS topics

* exclude time from output

* Update eos.rb

* Remove trailing whitespace and enable prompt detection

Fixes: ytti#630

* Fix suggested by ytti for issue ytti#610

* Recursively search from one dir above specified

Fixes ytti#626

* update changelogs

* bump up version

* delete secret password if it is called secret

* documention: debug inside input is now boolean

* Update ios.rb

Do the terminal configure after enable since it might be prohibited in non ena

* Hide remaining passwords

* adding zhone OLT/MX GPON/MetroE/DSL gear

* Ignore undefined UTF8 in ironware.rb

We have some Brocade MLX devices that are triggering  'raised Encoding::UndefinedConversionError with msg ""\xFF" from ASCII-8BIT to UTF-8"'.  Update the ironware.rb file to ignore undefined UTF8 as well as invalid UTF8

* Add support for telnet

* Mask out configuration date for fiberdriver

Our fiberdriver devices report a timestamp during 'show running-config', which results in a config diff on every run.  This patch removes the '+! Configuration saved on 2017/01/10 14:21:20' line from the config, as well as a couple other useless status messages

* Ensure config gets returned even if no replacements are done

* Ignore fan speed changes for ironware

Brocade ICX/FCX log fan speed changes like this:

Fan ok, speed (auto): 1<->[[2]]<->3
Fan ok, speed (auto): [[1]]<->2<->3

Remove the current fan speed from the configuration to prevent lots of useless changes from being logged.

* Add suggestion to set `ip` variable in CSV reader

We have around ~1000 nodes, and oxidized was taking 30s to do the initial config load.  After adding the 'ip' variable to our CSV, load time dropped to less than 1 second.

* Update ironware.rb

Some Brocade devices only have two possible fan speeds.  Previously, this only handled three levels of fan speeds.  Updated regex will handle both of these cases:

    Fan 1 ok, speed (auto): 1<->[[2]]
    Fan 1 ok, speed (auto): 1<->[[2]]<->3

* Tweak the white space for cleaning.

* Untested GPG work

* Syntax error

* Update

* GPG support

* GPG support working

* Requested changes

* Update

* Don't show error is unsupported

This is the proposed fix for issue ytti#669. Let me know if there is anything that I need to fix.
This appears to be working correctly for the switch I have in house (S2400-24P). However the model is not working for the Aruba Instant AP (IAP) (virtual) controller. I hope to submit a fix for those once I have it working. The problems with that device appear to be unrelated to these changes as the prompt is incorrect.

* Filter out rogue client alerts from AireOS

* Added git build

* Adjustments

* feature: support IP Addressed provided with a netmask

* Updated split to be more efficient, thanks ytti!

* Update fabricos.rb

Ignore Uptime/Power/Date fields in chassisShow and configShow

* Restore compatibility with older versions of IronWare
Remove \r from the "enable" command. Both \r and \n are interpreted the same on older versions, causing a blank line to be sent as the enable password.
Add a delay between the sending of the "logout" command and each "exit" command. Older devices don't seem to be able to keep up with the speed the commands are sent without a delay.

* Cleaner way to fix older IronWare devices
This works on older IronWare devices without needing a sleep between each command.

* added secret removal for fortiOS

* nicer regex for both password variants of fortiOS
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants