mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-11-04 00:02:05 +01:00
216 lines
4.3 KiB
ReStructuredText
216 lines
4.3 KiB
ReStructuredText
:lastproofread: 2023-01-16
|
|
|
|
.. _vyos-salt:
|
|
|
|
.. include:: /_include/need_improvement.txt
|
|
|
|
Salt
|
|
====
|
|
|
|
VyOS supports op-mode and configuration via salt_.
|
|
|
|
Without proxy it requires VyOS minion configuration
|
|
and supports op-mode data:
|
|
|
|
.. code-block:: none
|
|
|
|
set service salt-minion id 'r14'
|
|
set service salt-minion master '192.0.2.250'
|
|
|
|
Check salt-keys on the salt master
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt-key --list-all
|
|
Accepted Keys:
|
|
r11
|
|
Denied Keys:
|
|
Unaccepted Keys:
|
|
r14
|
|
Rejected Keys:
|
|
|
|
Accept minion key
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt-key --accept r14
|
|
The following keys are going to be accepted:
|
|
Unaccepted Keys:
|
|
r14
|
|
Proceed? [n/Y] y
|
|
Key for minion r14 accepted.
|
|
|
|
|
|
|
|
Check that salt master can communicate with minions
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt '*' test.ping
|
|
r14:
|
|
True
|
|
r11:
|
|
True
|
|
|
|
At this step we can get some op-mode information from VyOS nodes:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt '*' network.interface eth0
|
|
r11:
|
|
|_
|
|
----------
|
|
address:
|
|
192.0.2.11
|
|
broadcast:
|
|
192.0.2.255
|
|
label:
|
|
eth0
|
|
netmask:
|
|
255.255.255.0
|
|
r14:
|
|
|_
|
|
----------
|
|
address:
|
|
192.0.2.14
|
|
broadcast:
|
|
192.0.2.255
|
|
label:
|
|
eth0
|
|
netmask:
|
|
255.255.255.0
|
|
|
|
|
|
/ # salt r14 network.arp
|
|
r14:
|
|
----------
|
|
aa:bb:cc:dd:f3:db:
|
|
192.0.2.1
|
|
aa:bb:cc:dd:2e:80:
|
|
203.0.113.1
|
|
|
|
|
|
|
|
|
|
Netmiko-proxy
|
|
-------------
|
|
|
|
It is possible to configure VyOS via netmiko_ proxy module.
|
|
It requires a minion with installed packet ``python3-netmiko`` module
|
|
who has a connection to VyOS nodes. Salt-minion have to communicate
|
|
with salt master
|
|
|
|
Configuration
|
|
^^^^^^^^^^^^^
|
|
|
|
Salt master configuration:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # cat /etc/salt/master
|
|
file_roots:
|
|
base:
|
|
- /srv/salt/states
|
|
|
|
pillar_roots:
|
|
base:
|
|
- /srv/salt/pillars
|
|
|
|
Structure of /srv/salt:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # tree /srv/salt/
|
|
/srv/salt/
|
|
|___ pillars
|
|
| |__ r11-proxy.sls
|
|
| |__ top.sls
|
|
|___ states
|
|
|__ commands.txt
|
|
|
|
top.sls
|
|
|
|
.. code-block:: none
|
|
|
|
/ # cat /srv/salt/pillars/top.sls
|
|
base:
|
|
r11-proxy:
|
|
- r11-proxy
|
|
|
|
|
|
r11-proxy.sls Includes parameters for connecting to salt-proxy minion
|
|
|
|
.. code-block:: none
|
|
|
|
/ # cat /srv/salt/pillars/r11-proxy.sls
|
|
proxy:
|
|
proxytype: netmiko # how to connect to proxy minion, change it
|
|
device_type: vyos #
|
|
host: 192.0.2.250
|
|
username: user
|
|
password: secret_passwd
|
|
|
|
commands.txt
|
|
|
|
.. code-block:: none
|
|
|
|
/ # cat /srv/salt/states/commands.txt
|
|
set interfaces ethernet eth0 description 'WAN'
|
|
set interfaces ethernet eth1 description 'LAN'
|
|
|
|
Check that proxy minion is alive:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt r11-proxy test.ping
|
|
r11-proxy:
|
|
True
|
|
/ #
|
|
|
|
Examples
|
|
^^^^^^^^
|
|
|
|
Example of op-mode:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt r11-proxy netmiko.send_command 'show interfaces ethernet eth0 brief' host=192.0.2.14 device_type=vyos username=vyos password=vyos
|
|
r11-proxy:
|
|
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
|
|
Interface IP Address S/L Description
|
|
--------- ---------- --- -----------
|
|
eth0 192.0.2.14/24 u/u Upstream
|
|
/ #
|
|
|
|
Example of configuration:
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt r11-proxy netmiko.send_config config_commands=['set interfaces ethernet eth0 description Link_to_WAN'] commit=True host=192.0.2.14 device_type=vyos username=vyos password=vyos
|
|
r11-proxy:
|
|
configure
|
|
set interfaces ethernet eth0 description Link_to_WAN
|
|
[edit]
|
|
vyos@r14# commit
|
|
[edit]
|
|
vyos@r14#
|
|
/ #
|
|
|
|
Example of configuration commands from the file "/srv/salt/states/commands.txt"
|
|
|
|
.. code-block:: none
|
|
|
|
/ # salt r11-proxy netmiko.send_config config_file=salt://commands.txt commit=True host=192.0.2.11 device_type=vyos username=vyos password=vyos
|
|
r11-proxy:
|
|
configure
|
|
set interfaces ethernet eth0 description 'WAN'
|
|
[edit]
|
|
vyos@r1# set interfaces ethernet eth1 description 'LAN'
|
|
[edit]
|
|
vyos@r1# commit
|
|
[edit]
|
|
vyos@r1#
|
|
/ #
|
|
|
|
.. _salt: https://docs.saltproject.io/en/latest/contents.html
|
|
.. _netmiko: https://docs.saltproject.io/en/latest/ref/modules/all/salt.modules.netmiko_mod.html#module-salt.modules.netmiko_mod |