Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Capirca task plugin #485

Closed
wants to merge 2 commits into from
Closed

Capirca task plugin #485

wants to merge 2 commits into from

Conversation

fach
Copy link
Contributor

@fach fach commented Feb 11, 2020

This PR adds a Nornir task plugin for utilizing Capirca to generate per-host ACLs. Upon success, the rendered ACL is returned as a string in the result field of a Result. For an ACL to be rendered, the plugin must be passed a valid capirca platform type and the host platform must be a target in the specified policy file:

header {
  comment:: "Sample multitarget loopback filter"
  target:: juniper LOOPBACK
  target:: arista LOOPBACK
  target:: ciscoxr LOOPBACK
}

This platform value is different than the top-level platform inventory field, as the existing inventory values (i.e. junos) didn't map 1:1 to capirca platforms, and maintaining a translation map seemed implicitly terrible. Therefore, the capirca platform type must be explicitly passed but can be included as inventory data as below and passed at task runtime:

dev4.group_2:
    data:
        capirca:
            platform: juniper
            expiration: 2
            shade_check: true
            optimize: true

The application dependency of Capirca v1.122/latest was left off this PR per the contributing guidelines. Please let me know if you want it added here, in a separate PR or if you will handle it.

Also, if there is value, I'm happy to add this as a Nornir function as well, which would most likely render and write ACLs to a specified directory, much like the current Capirca toolchain.

@fach
Copy link
Contributor Author

fach commented Feb 11, 2020

Checks are failing due to the missing Capirca dependency mentioned above.

@ktbyers
Copy link
Collaborator

ktbyers commented Feb 11, 2020

I think I would add the caprica dependencies into the dev dependencies in pyproject.toml and update the poetry.lock file.

https://github.com/nornir-automation/nornir/blob/develop/pyproject.toml#L44

In other words, make it so the tests/CI-CD can work, but so that end-users are not required to install this dependency.

Others can chime in if they don't like this pattern.

We possibly need a more modular way to manage dependencies for plugins.

@fach
Copy link
Contributor Author

fach commented Feb 11, 2020

Alright, I did the thing. Travis is happy now.

@dmfigol dmfigol added the hold label Feb 14, 2020
@dmfigol
Copy link
Collaborator

dmfigol commented Feb 14, 2020

@fach thank you for the contribution, Steve! We are right now discussing where the plugins should live #486 and it is very likely that we will end up separating them from the core. Hence at this point, I think it makes sense to hold onto this PR.

@fach
Copy link
Contributor Author

fach commented Feb 14, 2020

Sounds good. Happy to be a trailblazer with this PR and help get boiler plate going if we want to move plugins outside of the core repo.

@dbarrosop
Copy link
Contributor

If you haven't look at #492 and #486 and feel free to provide feedback on the new nornir_napalm repo which I am using to experiment how a plugin repo could look like

@ktbyers
Copy link
Collaborator

ktbyers commented Feb 10, 2023

I am going to close this PR as it is no longer applicable to nornir-core (i.e. it should be in its own separate nornir plugin repository).

@ktbyers ktbyers closed this Feb 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants