General changes
- All references to psyco have been removed as it doesn’t support 64-bit and
was causing problems in Python 2.7.3.
- A new document, Adding New Vendors to Trigger, has been added to use as checklist for
adding new vendor support to Trigger.
- Added Allan Feid as contributor for his
crazed ideas.
[Feature] #10: The following changes have been made within
changemgmt, which provides Trigger’s support for bounce windows
and timezones, to move the bounce window settings into configurable data vs.
static in the module code.
- This module has been convertd into a package.
- The Bounce window API has been totally overhauled. Bounce windows are no
longer hard-coded in changemgmt and are now configured using
bounce.py and specified using BOUNCE_FILE. The interface for
creating BounceWindow objects was greatly simplified
to improve readability and usage.
- Added sample bounce.py to conf/bounce.py in the Trigger source
distribution.
- New setting variables in settings.py:
- BOUNCE_FILE - The location of the bounce window mapping
definitions. Defaults to /etc/trigger/bounce.py.
- BOUNCE_DEFAULT_TZ - Default timezone for bounce windows.
Defaults to 'US/Eastern'.
- BOUNCE_DEFAULT_COLOR - The default bounce risk-level status
color. Defaults to 'red'.
[Feature] #55: The following changes have been made within
netdevices to make it easier to populate
NetDevices from arbitrary sources by implementing
pluggable loaders.
- This module has been converted into a package.
- All hard-coded metadata parsing functions and associated imports have been
replaced with loader plugin classes. Filesystem loaders provided by default
for JSON, XML, Sqlite, Rancid, and new: CSV!). The bare minimum config for
CSV is a newline-separated CSV file populated with “hostname,vendor”
- New configuration setting: NETDEVICES_LOADERS used to define a
list of custom loader classes to try in turn. The first one to return data
wins.
- The configuration settings SUPPORTED_FORMATS and
NETDEVICES_FORMAT have been deprecated.
- The configuration setting NETDEVICES_SOURCE has replaced
NETDEVICES_FILE.
- The sample settings.py (found at conf/trigger_settings.py in the
source distribution) illustrates how one may use
NETDEVICES_SOURCE and NETDEVICES_LOADERS to replace
the deprecated settings NETDEVICES_FORMAT and
NETDEVICES_FILE.
The following changes have been made within twister, which
provides Trigger’s remote execution functionality:
- [Feature] #22: Added Aruba wireless controller and Brocade ADX/VDX support
for execute/pty in trigger.twister and any device that requires pty-req and
shell without actualling using a pty. The channel class for this
functionality is called TriggerSSHAsyncPtyChannel
- Added a new requires_async_pty attribute to
NetDevice objects to help identify devices that
require such channels.
- Added a force_cli flag to execute() to force CLI
execution on Juniper devices instead of Junoscript.
- The default client factory (TriggerClientFactory) now
calls validate_credentials() instead of directly
instantiating Tacacsrc anytime credentials are
populated automatically, resulting in only a single call to
Tacacsrc(), when creds aren’t provided.
- Added error-detection for Brocade MLX devices.
The following changes have been made within cmds, which provides
an extensible, developer-friendly interface to writing command exeuction
adapters:
- Added a force_cli flag to Commando constructor to force
CLI execution on Juniper devices instead of Junoscript.
- The timeout value may now be set as a class variable in
Commando subclasses.
- Commando now steps through commands as iterables instead
of assuming they are lists. The iterable is also now explicitly cast to a
list when we need it be one.
- A minor bugfix in Commando causing results from multiple
Commando instances to collide with each other because they were inheriting
an empty results {} from the class object.
- Commando now accepts creds as an optional argument. If
not set, it will default to reading user credentials from .tacacsrc.
The following changes have been madw within parser, which
provides Trigger’s support for parsing network access control lists (ACLs)
and firewall policies.
- [Feature] #12: Support has been added for parsing IPv6 addresses in Juniper
firewall filters. (This does not include full IPv6 firewall support!)
- [Bug] #26: The ACL parers was modified to support negation of addresses
using the syntax {ip} except; in Juniper firewall filters. To
facilitate this a custom IP address class was created:
TIP (which is a subclass of IPy.IP).
- The prefix on /32 and /128 IPs in Juniper ACLs is now always displayed.
The following changes have been made within tacacsrc, which
provides functionality to cache and retrieve user credentials:
- Added a new function validate_credentials() to (you
guessed it!) validate credentials. It supports input in the form 2-tuples
(username, password), 3-tuples (username, password, realm), and
dictionaries of the same and returns a Credentials
object.
The following changes have been made to Trigger’s command-line utilities:
- [Feature] #60: bin/load_acl will now shutdown gracefully if initial
the MySQL connection fails, using a try..except to display some
information about the connection failure without a traceback. For other
MySQL issues, we will leave as is (dumping the traceback) because they
would represent coding or transient issues, and we should present as much
information as we have.
- [Feature] #20: bin/gnng (get_nets) In support of displaying Juniper
‘sp’ interfaces (which are un-numbered and were being skipped for this
reason), we’ve added flags to include un-numbered (-u) or disabled
(-d) interfaces for any device platform.