def __init__(self,
hostname='firepower',
login_password='******',
sudo_password='******',
enable_password='',
*args,
**kwargs):
"""Constructor for Elektra.
:param hostname: hostname for the device
:param login_password: device login password with user name 'admin'
:param sudo_password: device sudo password for 'root'
:param enable_password: device enable password
Add *args and **kwargs so that the initiator can be invoked with
additional (unused) arguments.
"""
super().__init__()
publish_kick_metric('device.elektra.init', 1)
from .patterns import ElektraPatterns
self.patterns = ElektraPatterns(hostname, login_password,
sudo_password, enable_password)
# create the state machine that contains the proper attributes.
from .statemachine import ElektraStatemachine
self.sm = ElektraStatemachine(self.patterns)
# important: set self.line_class so that a proper line can be created
# by ssh_console(), etc.
self.line_class = ElektraLine
def __init__(self, hostname='firepower',
login_username='******',
login_password=KickConsts.DEFAULT_PASSWORD,
sudo_password=KickConsts.DEFAULT_PASSWORD,
*args,
**kwargs):
"""Constructor for FMC.
:param hostname: fmc hostname or fqdn e.g. FS2000-01 or FS2000-01.domain.com
:param login_username: user name for login
:param login_password: password for login
:param fmc_root_password: root password for FMC
:return: None
Add *args and **kwargs so that the initiator can be invoked with
additional (unused) arguments.
"""
super().__init__()
graphite.publish_kick_metric('device.fmc.init', 1)
self.patterns = FmcPatterns(
hostname=hostname,
login_username=login_username,
login_password=login_password,
sudo_password=sudo_password)
self.sm = FmcStatemachine(self.patterns)
self.line_class = FmcLine
def __init__(self,
hostname='firepower',
login_username='******',
login_password='******',
sudo_password='******',
*args,
**kwargs):
"""Constructor for Ep.
:param hostname: host name in prompt e.g. FS2000-01
:param login_username: user name for login
:param login_password: password for login
:param ep_root_password: root password for EP
:return: None
Add *args and **kwargs so that the initiator can be invoked with
additional (unused) arguments.
"""
graphite.publish_kick_metric('device.ep.init', 1)
self.patterns = EpPatterns(hostname=hostname,
login_username=login_username,
login_password=login_password,
sudo_password=sudo_password)
self.sm = EpStatemachine(self.patterns)
self.line_class = EpLine
self.set_default_timeout(DEFAULT_TIMEOUT)
def __init__(self,
hostname,
login_username='******',
login_password='******',
sudo_password='******',
*args,
**kwargs):
"""
Wm instance constructor
:param hostname: hostname of the FXOS
:param login_username: user name for login
:param login_password: password for login
:param sudo_password: root password for FTD
:kwargs
:param: 'config_hostname': output of 'show running-config hostname'
"""
super(Kp, self).__init__()
publish_kick_metric('device.wm.init', 1)
self.set_default_timeout(DEFAULT_TIMEOUT)
# set hostname, login_username and login_password
config_hostname = kwargs.get('config_hostname', 'firepower')
self.patterns = KpPatterns(hostname, login_username, login_password,
sudo_password, config_hostname)
# create the state machine that contains the proper attributes.
self.sm = WmStateMachine(self.patterns)
# important: set self.line_class so that a proper line can be created
# by ssh_console(), etc.
self.line_class = WmLine
logger.info("Done: Wm instance created")
def __init__(self, hostname='firepower', login_password='******',
sudo_password='******', enable_password='', *args, **kwargs):
"""Constructor for FTD.
Add *args and **kwargs so that the initiator can be invoked with
additional (unused) arguments.
:param hostname: host name as appears in prompt
e.g. 'BATIT-5508-3-FUL'
:param login_password: password for login
:param sudo_password: root password
:param enable_password: password for privileged exec mode
:return: None
"""
super().__init__()
graphite.publish_kick_metric('device.ftd5500x.init', 1)
from .patterns import Ftd5500xPatterns
self.patterns = Ftd5500xPatterns(hostname, login_password, sudo_password, enable_password)
# create the state machine that contains the proper attributes.
from .statemachine import Ftd5500xStatemachine
self.sm = Ftd5500xStatemachine(self.patterns)
# important: set self.line_class so that a proper line can be created
# by ssh_console(), etc.
self.line_class = Ftd5500xLine
def ssh_vty(self, ip, port, username='******', password='******', timeout=None,
line_type='ssh', rsa_key=None):
"""
Set up an ssh connection to device's interface.
This goes into device's ip address, not console.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: usually "admin"
:param password: usually "Admin123"
:param timeout: in seconds
:param line_type: ssh line type
:param rsa_key: identity file (full path)
:return: a line object (where users can call execute(), for example)
"""
publish_kick_metric('device.series3fmc.ssh_vty', 1)
from .constants import Series3Constants
Series3Constants.uut_ssh_ip = ip
Series3Constants.uut_ssh_port = port
ssh_line = super().ssh_vty(ip=ip, port=port, username=username, password=password,
timeout=timeout, line_type=line_type, rsa_key=rsa_key)
return ssh_line
def __init__(self,
hostname='firepower',
login_username='******',
login_password=KickConsts.DEFAULT_PASSWORD,
sudo_password=KickConsts.DEFAULT_PASSWORD,
cimc_hostname='',
*args,
**kwargs):
"""Constructor for FMC m4.
:param hostname: fmc hostname or fqdn e.g. FS2000-01 or FS2000-01.cisco.com
:param login_username: user name for login
:param login_password: password for login
:param cimc_hostname: host name in prompt in cimc scope mode e.g. C220-FCH1948V1N3
:return: None
"""
publish_kick_metric('device.m4.init', 1)
self.patterns = M4Patterns(hostname=hostname,
login_username=login_username,
login_password=login_password,
sudo_password=sudo_password,
cimc_hostname=cimc_hostname)
self.sm = M4Statemachine(self.patterns)
self.line_class = M4Line
self.set_default_timeout(DEFAULT_TIMEOUT)
def ssh_vty(self,
ip,
port,
username='******',
password='******',
timeout=None,
line_type='ssh',
rsa_key=None):
"""Set up an ssh connection to device's interface.
This goes into device's ip address, not console.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: usually "admin"
:param password: usually "Admin123"
:param line_type: ssh line type
:param timeout: in seconds
:param rsa_key: identity file (full path)
:return: a line object (where users can call execute(), for example)
"""
graphite.publish_kick_metric('device.basic.ssh_vty', 1)
if not timeout:
timeout = self.default_timeout
if rsa_key:
resp = subprocess.getoutput('chmod 400 {}'.format(rsa_key))
if 'No such file or directory' in resp:
raise RuntimeError(
'The identity file {} you provided does not exist'.format(
rsa_key))
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-i {} -l {} -p {} {} \n'.format(rsa_key, username, port, ip))
else:
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-l {} -p {} {} \n'.format(username, port, ip))
ctx = AttributeDict({'password': password})
d = Dialog([
[
'continue connecting (yes/no)?', 'sendline(yes)', None, True,
False
],
['(p|P)assword:', 'sendline_ctx(password)', None, True, False],
['Password OK', 'sendline()', None, False, False],
['[.*>#$]+.*\s', 'sendline()', None, False, False],
])
d.process(spawn_id, context=ctx, timeout=timeout)
ssh_line = self.line_class(spawn_id, self.sm, line_type, timeout)
logger.debug('ssh_vty() finished successfully')
return ssh_line
def __init__(self, hostname='csp'):
"""
Initilize the CSP Instance
:param hostname: Hostname of the csp 2100
:param login_username: username for login
:param login_password: password for login
:return None
"""
publish_kick_metric('device.csp.init', 1)
self.patterns = CspPatterns(hostname)
self.sm = CspStatemachine(self.patterns)
self.line_class = CspLine
super().__init__()
def __init__(self, hostname='ciscoasa', enable_password=''):
"""Initializer of Asa instance.
:param hostname: ASA hostname
:param enable_password: ASA enable password
:return: None
"""
publish_kick_metric('device.asa.init', 1)
self.patterns = AsaPatterns(hostname, enable_password)
self.sm = AsaStatemachine(self.patterns)
self.line_class = AsaLine
super().__init__()
def ssh_cimc(self,
ip,
port,
cimc_username='******',
cimc_password='******',
timeout=None):
"""This is the method to login to FMC via CIMC Interface.
:param ip: FMC CIMC IP
:param port: ssh port for FMC CIMC
:param cimc_username: ssh username for FMC CIMC
:param cimc_password: ssh password for FMC CIMC
:param timeout: timeout for ssh login
:return: ssh_line
"""
publish_kick_metric('device.m4.ssh', 1)
if not timeout:
timeout = self.default_timeout
self.spawn_id = Spawn('ssh -o UserKnownHostsFile=/dev/null'
' -o StrictHostKeyChecking=no '
'-l {} -p {} {}'.format(cimc_username, port, ip))
d1 = Dialog([
[
'continue connecting (yes/no)?', 'sendline(yes)', None, True,
False
],
[
'[Pp]assword:', 'sendline({})'.format(cimc_password), None,
True, False
],
[self.sm.get_state('mio_state').pattern, None, None, False, False],
])
try:
d1.process(self.spawn_id, timeout=60)
self.spawn_id.sendline()
self.spawn_id.sendline()
except TimeoutError:
pass
ssh_line = self.line_class(self.spawn_id,
self.sm,
'ssh_cimc',
timeout=timeout)
logger.debug("Done: connection created by ssh {} {}".format(ip, port))
return ssh_line
def telnet_console_no_credential(self, ip, port, timeout=None):
"""Set up an telnet console connection, no need to provide credential.
This goes into device's console port, through a terminal server.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param timeout: in seconds
:return: a line object (where users can call execute(), for example)
"""
graphite.publish_kick_metric(
'device.basic.telnet_console_no_credential', 1)
if not timeout:
timeout = self.default_timeout
spawn_id = NewSpawn('telnet {} {}'.format(ip, port))
try:
spawn_id.expect("Connected to.*Escape character is '\^\]'\.",
timeout)
except OSError:
spawn_id.close()
clear_line(ip,
int(port) % 100,
prompt='#',
access='telnet',
timeout=timeout)
spawn_id = NewSpawn('telnet {} {}'.format(ip, port))
try:
spawn_id.expect("Connected to.*Escape character is '\^\]'\.",
timeout)
except:
spawn_id.close()
raise
time.sleep(0.5)
spawn_id.sendline('')
telnet_line = self.line_class(spawn_id,
self.sm,
'telnet',
timeout=timeout)
logger.debug('telnet_console_no_credential() finished successfully')
return telnet_line
def __init__(self, hostname='firepower', login_username='******',
login_password=KickConsts.DEFAULT_PASSWORD,
sudo_password=KickConsts.DEFAULT_PASSWORD, *args,
**kwargs):
"""Constructor for FMC.
:param hostname: hostname of the device or fqdn
:param login_username: user credentials
:param login_password: device login password with user name 'admin'
:param sudo_password: device sudo password for 'root'
"""
super().__init__(hostname, login_username,
login_password,
sudo_password, *args, **kwargs)
publish_kick_metric('device.series3fmc.init', 1)
self.line_class = Series3FmcLine
def __init__(self,
hostname='firepower',
login_username='******',
login_password=KickConsts.DEFAULT_PASSWORD,
sudo_password=KickConsts.DEFAULT_PASSWORD,
cimc_hostname='',
*args,
**kwargs):
"""Constructor for FMC M5.
:param hostname: fmc hostname or fqdn e.g. FS2000-01 or FS2000-01.cisco.com
:param login_username: user credentials
:param login_password: device login password with user name 'admin'
:param sudo_password: device sudo password for 'root'
"""
super().__init__(hostname, login_username, login_password,
sudo_password, cimc_hostname)
publish_kick_metric('device.m5.init', 1)
self.line_class = M5Line
def baseline_fmc_m3(self,
iso_map_name,
http_link,
iso_file_name,
mgmt_ip,
mgmt_netmask,
mgmt_gateway,
timeout=None,
mgmt_ip6=None,
mgmt_prefix=None,
mgmt_gateway6=None,
change_password=True):
"""Baseline FMC M3 on CIMC connection.
:param iso_map_name: map name for command map-www, e.g. 'myiso'
:param http_link: http link for the share, e.g. 'http://172.23.47.63'
:param iso_file_name: iso filename under http_link, e.g. 'Sourcefire_Defense_Center_M4-6.2.0-362-Autotest.iso'
:param mgmt_ip: management interface ip address
:param mgmt_netmask: management interface netmask
:param mgmt_gateway: management interface gateway
:param timeout: in seconds; time to wait for device to boot with the new image;
if not provided, default baseline time is 7200s
:param mgmt_ip6: management interface IPv6 Address
:param mgmt_prefix: management interface IPv6 Prefix
:param mgmt_gateway6: management interface IPv6 Gateway
:param change_password: Flag to change the password after baseline
:return: None
"""
publish_kick_metric('device.m3.baseline', 1)
# set baseline timeout
self.set_installation_timeouts(timeout)
logger.info('Baseline fmc m3 ')
logger.info('=== Remove network share mapping')
self.execute('scope vmedia')
output = self.execute('show mappings | grep CD')
matched = re.split('\s+', output.split('\r\n')[-1])
if matched and matched[0] is not '|':
map_name = matched[0]
self.execute('unmap {}'.format(map_name), timeout=60)
logger.info('=== Set map-www')
map_cmd = 'map-www {} {} {}'.format(iso_map_name, http_link,
iso_file_name)
self.spawn_id.sendline(map_cmd)
# Set username empty
d1 = Dialog([
['username:'******'sendline()', None, True, False],
[self.sm.get_state('mio_state').pattern, None, None, False, False],
])
d1.process(self.spawn_id)
logger.info('=== Validate network share mapping')
self.execute_and_verify(cmd='show mappings detail',
expected_str='Map-Status: OK',
interval=10,
timeout_total=120,
retry_count=10)
logger.info('=== Validate sol: enabled, baud-rate and com0')
self.execute('top')
self.execute('scope sol')
self.execute_and_verify(cmd='show detail',
expected_str='Enabled: yes',
cmd_set_config='set enabled yes')
self.execute_and_verify(cmd='show detail',
expected_str='Baud Rate\(bps\): 9600',
cmd_set_config='set baud-rate 9600')
self.execute_and_verify(cmd='show detail',
expected_str='Com Port: com0',
cmd_set_config='set comport com0')
logger.info('=== Validate chassis operational profile')
self.execute('top')
self.execute('scope chassis')
self.execute('scope flexflash FlexFlash-0')
self.execute('scope operational-profile')
self.execute_and_verify(cmd='show detail',
expected_str='Host Accessible VDs: HV',
cmd_set_config='set virtual-drives-enabled HV')
logger.info('=== Validate chassis virtual-drive-count')
self.execute('top')
self.execute('scope chassis')
slot_info = self.execute('show storageadapter')
slot_list = re.findall('SLOT-.', slot_info)
for slot in slot_list:
self.execute('scope storageadapter {}'.format(slot))
self.execute_and_verify(cmd='show virtual-drive-count',
expected_str='Virtual Drive Count: 1')
logger.info('=== Validate bios: Boot Order and Boot Override Priority')
self.execute('top')
self.execute('scope bios')
self.execute_and_verify(
cmd='show detail',
expected_str='Boot Order: CDROM,HDD,PXE,FDD,EFI',
cmd_set_config='set boot-order cdrom,hdd,pxe,fdd,efi')
self.execute_and_verify(cmd='show detail',
expected_str='Boot Override Priority:\n',
cmd_set_config='set boot-override None',
matched_whole_line=True)
self.execute('top')
self.execute('commit', timeout=60)
logger.info('=== Run bios: bios-setup-default')
self.execute('scope bios')
self.spawn_id.sendline('bios-setup-default')
d2 = Dialog([
['Continue', 'sendline({})'.format('y'), None, False, False],
])
d2.process(self.spawn_id)
logger.info('=== Run advanced: settings')
self.execute('scope advanced')
self.execute('set IntelVT Disabled')
self.execute('set BaudRate 9600')
self.execute('set ConsoleRedir COM_0')
self.execute('set EnhancedIntelSpeedStep Disabled')
self.execute('top')
self.spawn_id.sendline('commit')
logger.info('=== Reboot the system, connect host, waiting ...')
d3 = Dialog([
[
'Do you want to reboot the system', 'sendline({})'.format('y'),
None, False, False
],
])
try:
d3.process(self.spawn_id, timeout=300)
except:
logger.info('d3 dialog did not appear')
# Handle the case there is no such question prompt
pass
self.spawn_id.sendline('connect host')
d3_2 = Dialog(
[['CISCO Serial Over LAN', 'sendline()', None, False, False]])
try:
d3_2.process(self.spawn_id, timeout=30)
except:
pass
d4 = Dialog([
['Enter selection', 'sendline({})'.format('2'), None, True, False],
[
'Restore the system?', 'sendline({})'.format('yes'), None,
True, False
],
[
'Delete license and network settings?',
'sendline({})'.format('no'), None, True, False
],
['Are you sure?', 'sendline({})'.format('yes'), None, True, False],
[
'Press enter to reboot the system', 'sendline()', None, True,
False
],
[
'.*login:'******'sendline({})'.format(self.sm.patterns.username),
None, True, False
],
[
'Password:'******'sendline({})'.format(self.sm.patterns.default_password), None,
False, False
],
])
d4.process(self.spawn_id, timeout=self.installation_timeout)
logger.info('=== Image has been loaded successfully')
logger.info('=== Validate mysql process')
self.sm.update_cur_state('admin_state')
self.validate_mysql_process()
logger.info('=== Configure network')
self.configure_network(mgmt_gateway, mgmt_ip, mgmt_netmask, mgmt_ip6,
mgmt_prefix, mgmt_gateway6, change_password)
logger.info('=== Validate version')
self.validate_version(iso_file_name=iso_file_name)
logger.info('Installation completed successfully.')
def baseline_using_serial(self,
iso_url,
mgmt_ip,
mgmt_netmask,
mgmt_gateway,
mgmt_intf="eth0",
timeout=None,
power_cycle_flag=False,
pdu_ip='',
pdu_port='',
pdu_user='******',
pdu_pwd='admn',
mgmt_ip6=None,
mgmt_prefix=None,
mgmt_gateway6=None,
change_password=True,
ipv4_mode='static',
ipv6_mode='',
dns_servers='',
search_domains='',
ntp_servers=''):
"""Baseline FMC M4 device through its physical serial port connection
:param iso_url: http url of iso image
http://10.83.65.25/cache/Development/6.2.3-1612/iso/Sourcefire_Defense_Center_M4-6.2.3-1612-Restore.iso
:param mgmt_ip: management interface ip address
:param mgmt_netmask: management interface netmask
:param mgmt_intf: management interface
:param mgmt_gateway: management interface gateway
:param timeout: in seconds; time to wait for device to boot with the new image;
if not provided, default baseline time is 7200s
:param power_cycle_flag: True power cylce before baseline, False otherwise
:param pdu_ip: string of IP addresses of the PDU's
:param pdu_port: string of power port on the PDU's
:param pdu_user: usernames for power bar servers
:param pdu_pwd: passwords for power bar servers
:param mgmt_ip6: management interface IPv6 Address
:param mgmt_prefix: management interface IPv6 Prefix
:param mgmt_gateway6: management interface IPv6 Gateway
:param change_password: Flag to change the password after baseline
:param ipv4_mode: IPv4 configuration mode - 'static' or 'dhcp'
:param ipv6_mode: IPv6 configuration mode - 'dhcp', 'router' or 'manual'
:param dns_servers: a comma-separated string of DNS servers
:param search_domains: a comma-separated string of search domains
:param ntp_servers: a comma-separated string of NTP servers
:return:
"""
publish_kick_metric('device.{}.baseline'.format(self.metric), 1)
# set baseline timeout
self.set_installation_timeouts(timeout)
# network configuration flag used to indicate if cli configuration is
# still needed after baseline
network_config = False
if power_cycle_flag:
self.power_cycle(pdu_ip, pdu_port, pdu_user, pdu_pwd)
d0 = Dialog([
[
'Enter selection', 'sendline({})'.format('3'), None, False,
False
],
])
d0.process(self.spawn_id, timeout=600)
d1 = Dialog([
[
'1 - Cisco Firepower Management Console System Restore VGA Mode',
None, None, True, False
],
[
'Enter selection', 'sendline({})'.format('2'), None, True,
False
],
[
self.sm.patterns.prompt.lilo_boot_menu_prompt, None, None,
False, False
],
])
d1.process(self.spawn_id, timeout=120)
# activate console
self._move_from_lilo_boot_menu_to_lilo_os()
else:
self._try_to_goto_prompt(prompt='any')
# Raise exception if device is not in below states
baseline_valid_states = [
"prelogin_state", "admin_state", "sudo_state", "lilos_state",
"lilobootmenu_state", "fireos_state"
]
if self.sm.current_state not in baseline_valid_states:
msg = "Baseline Serial function needs one of the valid state from %s" % baseline_valid_states
logger.error(msg)
raise RuntimeError(msg)
# Bring the system to liloos_state if it is in fireos state
if self.sm.current_state is "lilobootmenu_state":
self._move_from_lilo_boot_menu_to_lilo_os()
# go to sudo_state
elif self.sm.current_state in [
"admin_state", "prelogin_state", "fireos_state"
]:
self.go_to('sudo_state')
# reboot the device, select 3-System Restore Mode and enter lilo_boot state
if self.sm.current_state is 'sudo_state':
self.spawn_id.sendline("reboot")
d0 = Dialog([
['reboot: machine restart', None, None, True, True],
[
'Enter selection', 'sendline({})'.format('3'), None,
False, False
],
])
d0.process(self.spawn_id, timeout=300)
d1 = Dialog([
[
'1 - Cisco Firepower Management Console System Restore VGA Mode',
None, None, True, False
],
[
'Enter selection', 'sendline({})'.format('2'), None,
True, False
],
[
self.sm.patterns.prompt.lilo_boot_menu_prompt, None,
None, False, False
],
])
d1.process(self.spawn_id, timeout=120)
# activate console
self._move_from_lilo_boot_menu_to_lilo_os()
# Here means device is in LILO OS State
self.sm.update_cur_state('lilos_state')
# Try install seq with retry for 5 times
for i in range(1, 5):
ret = self._install_from_iso(iso_url=iso_url,
uut_ip=mgmt_ip,
uut_netmask=mgmt_netmask,
uut_gateway=mgmt_gateway,
mgmt_intf=mgmt_intf,
timeout=self.installation_timeout)
if ret == 0:
network_config = self.configuration_wizard(
ipv4_mode=ipv4_mode,
ipv6_mode=ipv6_mode,
ipv4=mgmt_ip,
ipv4_netmask=mgmt_netmask,
ipv4_gateway=mgmt_gateway,
ipv6=mgmt_ip6,
ipv6_prefix=mgmt_prefix,
ipv6_gateway=mgmt_gateway6,
dns_servers=dns_servers,
search_domains=search_domains,
ntp_servers=ntp_servers)
break
# If the device moved back to lilo boot menu. Try to go to lilo os and try install again
if ret == 1:
self._move_from_lilo_boot_menu_to_lilo_os()
# Raise error in all the attempts failed
if i >= 5:
msg = "Failed to install FMC using serial for %s times" % i
logger.error(msg)
raise RuntimeError(msg)
time.sleep(60)
logger.info('=== Validate mysql process')
self.validate_mysql_process()
if not network_config:
logger.info('=== Configure network')
self.configure_network(mgmt_gateway, mgmt_ip, mgmt_netmask,
mgmt_ip6, mgmt_prefix, mgmt_gateway6,
change_password)
logger.info('=== Validate version')
iso_file_name = iso_url.split('/')[-1]
self.validate_version(iso_file_name=iso_file_name)
logger.info('Installation completed successfully.')
def baseline_fmc_m4(self,
iso_map_name,
http_link,
iso_file_name,
mgmt_ip,
mgmt_netmask,
mgmt_gateway,
timeout=None,
mgmt_ip6=None,
mgmt_prefix=None,
mgmt_gateway6=None,
change_password=True):
"""Baseline FMC M4 through CIMC connection.
:param iso_map_name: map name for command map-www, e.g. 'myiso'
:param http_link: http link for the share, e.g. 'http://172.23.47.63'
:param iso_file_name: iso filename under http_link, e.g. 'Sourcefire_Defense_Center_M4-6.2.0-362-Autotest.iso'
:param mgmt_ip: management interface ip address
:param mgmt_netmask: management interface netmask
:param mgmt_gateway: management interface gateway
:param timeout: in seconds; time to wait for device to boot with the new image;
if not provided, default baseline time is 7200s
:param mgmt_ip6: management interface IPv6 Address
:param mgmt_prefix: management interface IPv6 Prefix
:param mgmt_gateway6: management interface IPv6 Gateway
:param change_password: Flag to change the password after baseline
:return: None
"""
publish_kick_metric('device.{}.baseline'.format(self.metric), 1)
# set baseline timeout
self.set_installation_timeouts(timeout)
logger.info('Baseline FMC ')
logger.info('=== set Serial Over LAN enabled')
self.execute('scope sol')
self.execute('set enabled yes')
self.execute('top')
logger.info('=== Remove network share mapping')
self.spawn_id.sendline('scope vmedia')
self.spawn_id.expect('/vmedia', timeout=self.default_timeout)
output = self.execute('show mappings | grep CD')
matched = re.split('\s+', output.split('\r\n')[-1])
if matched and matched[0] is not '|':
map_name = matched[0]
self.spawn_id.sendline('unmap {}'.format(map_name))
d0 = Dialog([
['Save mapping?', 'sendline(yes)', None, True, False],
[self.sm.get_state('mio_state').pattern, None, None, False, False],
])
try:
d0.process(self.spawn_id, timeout=300)
except:
pass
logger.info('=== Set map-www')
map_cmd = 'map-www {} {} {}'.format(iso_map_name, http_link,
iso_file_name)
logger.info('=== Command to set map-www is {}'.format(map_cmd))
self.spawn_id.sendline(map_cmd)
# Set username empty
d1 = Dialog([
['username:'******'sendline()', None, True, False],
[self.sm.get_state('mio_state').pattern, None, None, False, False],
])
d1.process(self.spawn_id)
logger.info('=== Validate network share mapping')
self.execute_and_verify(cmd='show mappings detail',
expected_str='Map-Status: OK',
interval=10,
timeout_total=120,
retry_count=10)
logger.info('=== Validate bios: Boot Order and Boot Override Priority')
self.execute('top')
self.spawn_id.sendline('scope bios')
self.spawn_id.expect('/bios', timeout=self.default_timeout)
self.execute('set boot-order CDROM')
self.execute('top')
self.execute('scope chassis')
self.spawn_id.sendline('commit')
logger.info('=== Reboot the system, connect host, waiting ...')
d3 = Dialog([
[
'Do you want to reboot the system', 'sendline({})'.format('y'),
None, False, False
],
[
'This operation will change the server\'s power state', None,
None, True, False
],
])
try:
d3.process(self.spawn_id, timeout=180)
except TimeoutError:
# Handle the case there is no such question prompt
self.spawn_id.sendline('power cycle')
d3_1 = Dialog([
[
'Warning: System is powered OFF, this action is ineffective.',
'sendline(power on)', None, True, False
],
[
'Do you want to continue.*', 'sendline(y)', None, False,
False
],
])
try:
d3_1.process(self.spawn_id, timeout=180)
except:
pass
self.spawn_id.sendline('connect host')
# self.spawn_id.sendline()
d3_2 = Dialog(
[['CISCO Serial Over LAN', 'sendline()', None, False, False]])
try:
d3_2.process(self.spawn_id, timeout=30)
except:
pass
d4 = Dialog([
['Enter selection', 'sendline({})'.format('2'), None, True, False],
[
'Restore the system?', 'sendline({})'.format('yes'), None,
True, False
],
[
'Delete license and network settings?',
'sendline({})'.format('no'), None, True, False
],
['Are you sure?', 'sendline({})'.format('yes'), None, True, False],
[
'Press enter to reboot the system', 'sendline()', None, True,
False
],
[
'.*login:'******'sendline({})'.format(self.sm.patterns.username),
None, True, False
],
[
'Password:'******'sendline({})'.format(self.sm.patterns.default_password), None,
False, False
],
])
d4.process(self.spawn_id, timeout=self.installation_timeout)
logger.info('=== Image has been loaded successfully')
logger.info('=== Validate mysql process')
self.sm.update_cur_state('admin_state')
self.validate_mysql_process()
logger.info('=== Configure network')
self.configure_network(mgmt_gateway, mgmt_ip, mgmt_netmask, mgmt_ip6,
mgmt_prefix, mgmt_gateway6, change_password)
logger.info('=== Validate version')
self.validate_version(iso_file_name=iso_file_name)
logger.info('=== FMC Baseline is Done.')
logger.info('Installation completed successfully.')
def ssh_vty(self,
ip,
port,
username='******',
password='******',
timeout=None,
line_type='ssh',
rsa_key=None):
"""
Set up an ssh connection to device's interface.
This goes into device's ip address, not console.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: usually "admin"
:param password: usually "Admin123"
:param timeout: in seconds
:param line_type: ssh line type
:param rsa_key: identity file (full path)
:return: a line object (where users can call execute(), for example)
"""
publish_kick_metric('device.series3fmc.ssh_vty', 1)
if not timeout:
timeout = self.default_timeout
from .constants import Series3Constants
Series3Constants.uut_ssh_ip = ip
Series3Constants.uut_ssh_port = port
if rsa_key:
resp = subprocess.getoutput('chmod 400 {}'.format(rsa_key))
if 'No such file or directory' in resp:
raise RuntimeError(
'The identity file {} you provided does not exist'.format(
rsa_key))
spawn = Spawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-i {} -l {} -p {} {} \n'.format(rsa_key, username, port, ip))
else:
spawn = Spawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-l {} -p {} {} \n'.format(username, port, ip))
d1 = Dialog([
[
'continue connecting (yes/no)?', 'sendline(yes)', None, True,
False
],
[
'(p|P)assword:', 'sendline({})'.format(password), None, False,
False
],
])
try:
d1.process(spawn, timeout=timeout)
# spawn.sendline()
except TimeoutError:
pass
ssh_line = Series3FmcLine(spawn, self.sm, 'ssh_vty', timeout=timeout)
return ssh_line
def series3fmc_baseline(self,
fmc,
http_server,
scp_server,
scp_port,
scp_username,
scp_password,
scp_hostname,
version_build,
iso_image_path,
uut_ip,
uut_netmask,
uut_gateway,
dns_server,
hostname='firepower',
search_domains='cisco.com',
http_dir_root='/var/www',
http_dir_tmp='iso/tmp_dev',
scp_dir_root='/nfs/netboot/ims/Release',
bz_image='bzImage*',
usb_image='usb-ramdisk*',
arch='x86_64',
console=False,
uut_ip6=None,
uut_prefix=None,
uut_gateway6=None,
timeout=None,
change_password=True,
http_port='80'):
"""Install FMC iso image on Series 3 device via http.
:param fmc: object of Series3fmc for reconnecting the device
:param http_server: HTTP Server IP Address, e.g. '10.89.23.80'
must use the same http server as the scp server
:param http_port: HTTP server port, e.g. '80'
:param scp_server: SCP Server IP Address, e.g. '10.89.23.80'
:param scp_port: SCP Server Port, e.g. '22'
:param scp_username: SCP Username
:param scp_password: SCP Password
:param scp_hostname: SCP Hostname
:param version_build: e.g. '6.2.1-1366'
:param iso_image_path: FMC image path on HTTP server
e.g. '/netboot/ims/Development/6.2.1-1366/iso/Sourcefire_Defense_Center_S3-6.2.1-1366-Restore.iso'
:param uut_ip: Device IP Address
:param uut_netmask: Device Netmask
:param uut_gateway: Device Gateway
:param dns_server: DNS server
:param hostname: hostname to be set, e.g. 'BATIT-3D8130-1-AST'
:param search_domains: search domains delimited by comma,
defaulted to 'cisco.com'
:param http_dir_root: absolute path of the http root
e.g. '/var/www'
:param http_dir_tmp: the temp dir under http_dir_root for version_build
and the config file, e.g. 'iso/tmp_dev'
:param scp_dir_root: absolute path of the dir for version_build
e.g. '/nfs/netboot/ims/Release' or '/nfs/netboot/ims/Development'
:param bz_image: bz image has to be installed on DUT, which is copied
from the scp_server, defaulted to 'bzImage*'
:param usb_image: usb image has to be installed on DUT, which is copied
from the scp_server, defaulted to 'usb-ramdisk*'
:param arch: arch type, defaulted to 'x86_64'
:param console: set to True if the device is accessed through its console;
defaulted to False
:param uut_ip6: Device IPv6 Address
:param uut_prefix: Device IPv6 Prefix
:param uut_gateway6: Device IPv6 Gateway
:param timeout: in seconds; time to wait for device to boot with the new image;
if not provided, default baseline time is 7200s
:param change_password: Flag to change the password after baseline
:return: None
"""
publish_kick_metric('device.series3fmc.baseline', 1)
# set baseline timeout
self.set_installation_timeouts(timeout)
# Define attributes and variables
self.fmc = fmc
self.http_server = http_server
self.http_port = http_port
self.scp_server = scp_server
self.scp_port = scp_port
self.scp_username = scp_username
self.scp_password = scp_password
self.scp_hostname = scp_hostname
self.version_build = version_build
self.iso_image_path = iso_image_path
self.iso_file = iso_image_path.split('/')[-1]
self.uut_ip = uut_ip
self.uut_netmask = uut_netmask
self.uut_gateway = uut_gateway
self.uut_ip6 = uut_ip6
self.uut_prefix = uut_prefix
self.uut_gateway6 = uut_gateway6
self.dns_server = dns_server
self.hostname = hostname
self.search_domains = search_domains
self.http_dir_root = http_dir_root
self.http_dir_tmp = http_dir_tmp
self.http_dir_for_build = '{}/{}/{}'.format(self.http_dir_root,
self.http_dir_tmp,
self.version_build)
self.config_file = '{}.config'.format(self.iso_file.strip('.iso'))
self.config_path = '{}/{}'.format(self.http_dir_for_build,
self.config_file)
self.config_file_url = '{}/{}/{}'.format(self.http_dir_tmp,
self.version_build,
self.config_file)
self.scp_dir_root = scp_dir_root
self.bz_image = bz_image
self.usb_image = usb_image
self.arch = arch
self.bz_image_path = '{}/{}/os/{}/boot/{}'.format(
self.scp_dir_root, self.version_build, self.arch, self.bz_image)
self.usb_image_path = '{}/{}/os/{}/ramdisks/{}'.format(
self.scp_dir_root, self.version_build, self.arch, self.usb_image)
self.console = console
logger.info('=== Generate config file on the http server ...')
self.generate_config_file()
logger.info('=== Copy bz and usb files to dut ...')
logger.info('=== Generate lilo file on dut ...')
self.go_to('sudo_state')
self.copy_bz_usb_files_setup_lilo_to_install()
if not self.console:
logger.info('=== Confirm device is rebooted ...')
self.confirm_device_rebooted()
logger.info(
'=== Wait for device to be up and configure device ...')
self.poll_device_and_configure()
else:
logger.info(
'=== Console connection available, wait for login prompt ...')
d = Dialog([
[
'login:'******'sendline({})'.format(self.sm.patterns.login_username),
None, True, False
],
[
'Password:'******'sendline({})'.format(self.sm.patterns.default_password),
None, False, False
],
])
d.process(self.spawn_id, timeout=self.installation_timeout)
self.go_to('any')
self.configure_network(uut_gateway, uut_ip, uut_netmask, uut_ip6,
uut_prefix, uut_gateway6, change_password)
logger.info('=== Fully installed.')
logger.info('=== Validate version installed ...')
self.validate_version(self.iso_file)
logger.info('Installation completed successfully.')
def rommon_to_new_image(self, rommon_tftp_server, pkg_image,
uut_ip, uut_netmask, uut_gateway, rommon_image, dns_server,
hostname='firepower', search_domains='cisco.com',
is_device_kenton=True, retry_count=MAX_RETRY_COUNT,
power_cycle_flag=False, pdu_ip='', pdu_port='',
pdu_user='******', pdu_pwd='admn', ntp_server=None,
mode='local',
uut_ip6=None, uut_prefix=None, uut_gateway6=None,
manager=None, manager_key=None, manager_nat_id=None,
firewall_mode='routed', timeout=600, **kwargs):
"""Install rommon image and FTD pkg image on ASA.
:param rommon_tftp_server: TFTP Server IP Address
:param pkg_image: FTD image to be transferred via HTTP,
e.g. 'http://192.168.0.50/Release/6.0.0-1005/installers/ftd-6.0.0-1005.pkg'
:param uut_ip: Device IP Address to access TFTP Server
:param uut_netmask: Device Netmask
:param uut_gateway: Device Gateway
:param rommon_image: boot image under /tftpboot to be transferred via TFTP,
e.g. 'asa/Release/6.0.0-1005/installers/ftd-boot-99.1.3.194.lfbff'
:param dns_server: DNS server
:param hostname: hostname to be set
:param search_domains: search domains delimited by comma,
defaulted to 'cisco.com'
:param is_device_kenton: True if device is Kenton, False if device is Saleen
:param retry_count: download retry count, defaulted to MAX_RETRY_COUNT
:param power_cycle_flag: True power cylce before baseline, False otherwise
:param pdu_ip: PDU IP
:param pdu_port: PDU Port
:param pdu_user: PDU admn
:param pdu_pwd: PDU pwd
:param ntp_server: NTP server delimited by comma, defaulted to None,
otherwise the value of ntp_server is - e.g. "ntp.esl.cisco.com"
:param mode: the manager mode (local, remote)
:param uut_ip6: Device IPv6 Address
:param uut_prefix: Device IPv6 Prefix
:param uut_gateway6: Device IPv6 Gateway
:param manager: FMC to be configured for registration
:param manager_key: Registration key
:param manager_nat_id: Registration NAT Id
:param firewall_mode: the firewall mode (routed, transparent, ngips)
:param timeout: in seconds; time to wait for fetching the boot image from TFTP server;
defaulted to 600s
:return: None
"""
logger.info('Starting baseline')
graphite.publish_kick_metric('device.ftd5500x.baseline', 1)
self.rommon_tftp_server = rommon_tftp_server
self.pkg_image = pkg_image
self.uut_ip = uut_ip
self.uut_netmask = uut_netmask
self.uut_gateway = uut_gateway
self.uut_ip6 = uut_ip6
self.uut_prefix = uut_prefix
self.uut_gateway6 = uut_gateway6
self.rommon_image = rommon_image
self.dns_server = dns_server
self.hostname = hostname
self.search_domains = search_domains
self.retry_count = retry_count
self.ntp_server = ntp_server
self.mode = mode
self.firewall_mode=firewall_mode
self.manager = manager
self.manager_key = manager_key
self.manager_nat_id = manager_nat_id
if not (self.sm.current_state in ['rommon_state', 'boot_state']):
if not power_cycle_flag:
if self.sm.current_state is 'disable_state':
logger.info('Device is in disable state. Go to enable and reload ...')
self.go_to('enable_state')
self.spawn_id.sendline('reload noconfirm')
elif self.sm.current_state in ['enable_state', 'config_state']:
logger.info('Device is in enable or config state. Reloading ...')
self.spawn_id.sendline('reload noconfirm')
else:
logger.info('Reboot the device ...')
self.go_to('sudo_state')
self.spawn_id.sendline('reboot')
try:
self.spawn_id.expect('Rebooting...', timeout=300)
except TimeoutError:
raise RuntimeError(">>>>>> Failed to reboot the device. Probably hanged during reboot?")
else:
logger.info('Power cycle the device ...')
self.power_cycle(pdu_ip, pdu_port, wait_until_device_is_on=False, power_bar_user=pdu_user,
power_bar_pwd=pdu_pwd)
logger.info('Drop the device to rommon.')
self.rommon_go_to()
if self.sm.current_state is 'boot_state':
logger.info('Device is in boot_state, drop the device to rommon.')
self.spawn_id.sendline('system reload')
d1 = Dialog([
['Are you sure you want to reload the system',
'sendline(y)', None, False, False],
])
d1.process(self.spawn_id, timeout=30)
self.rommon_go_to()
self.rommon_config(is_device_kenton)
logger.info('tftpdnld - tftp server: {}, '
'rommon image: {} ...'.format(rommon_tftp_server, rommon_image))
try:
self.rommon_boot(timeout=timeout)
except FileNotFoundError:
logger.info('TFTP Error: File not found! Run again the network settings')
self.rommon_config(is_device_kenton)
self.rommon_boot(timeout=timeout)
self.go_to('any')
logger.info('firepower boot configure ...')
self.firepower_boot_configure()
logger.info('FTD image install - image: {} ...'.format(pkg_image))
self.firepower_install()
self.go_to('any')
if self.manager is not None and self.mode != 'local':
logger.info('Configure manager')
self.configure_manager()
logger.info('Validate version installed')
self.validate_version()
logger.info('Installation completed successfully.')
def baseline_elektra_5585(self, rommon_tftp_server, pkg_image,
uut_ip, uut_netmask, uut_gateway, rommon_image, dns_server,
hostname='firepower', search_domains='cisco.com',
retry_count=MAX_RETRY_COUNT,
power_cycle_flag=False, pdu_ip='', pdu_port='',
pdu_user='******', pdu_pwd='admn', ntp_server=None,
uut_ip6=None, uut_prefix=None, uut_gateway6=None,
manager=None, manager_key=None, manager_nat_id=None, **kwargs):
"""Install rommon image and Elektra pkg image on SFR blade.
:param rommon_tftp_server: TFTP Server IP Address
:param pkg_image: Elektra image to be transferred via HTTP,
e.g. 'http://192.168.0.50/Release/6.2.3-10697/installers/asasfr-sys-6.2.3-10697.pkg'
:param uut_ip: Device IP Address to access TFTP Server
:param uut_netmask: Device Netmask
:param uut_gateway: Device Gateway
:param rommon_image: boot image under /tftpboot to be transferred via TFTP,
e.g. 'netboot/elektra-boot-images/6.2.3/6.2.3-2/asasfr-boot-6.2.3-2.img'
:param dns_server: DNS server
:param hostname: hostname to be set
:param search_domains: search domains delimited by comma,
defaulted to 'cisco.com'
:param retry_count: download retry count, defaulted to MAX_RETRY_COUNT
:param power_cycle_flag: True power cylce before baseline, False otherwise
:param pdu_ip: PDU IP
:param pdu_port: PDU Port
:param pdu_user: PDU admn
:param pdu_pwd: PDU pwd
:param ntp_server: NTP server delimited by comma, defaulted to None,
otherwise the value of ntp_server is - e.g. "ntp.esl.cisco.com"
:param uut_ip6: Device IPv6 Address
:param uut_prefix: Device IPv6 Prefix
:param uut_gateway6: Device IPv6 Gateway
:param manager: FMC to be configured for registration
:param manager_key: Registration key
:param manager_nat_id: Registration NAT Id
:param timeout: in seconds; time to wait for fetching the boot image from TFTP server;
defaulted to 600s
:return: None
"""
logger.info('Starting baseline')
graphite.publish_kick_metric('device.elektra5585.baseline', 1)
self.rommon_tftp_server = rommon_tftp_server
self.pkg_image = pkg_image
self.uut_ip = uut_ip
self.uut_netmask = uut_netmask
self.uut_gateway = uut_gateway
self.uut_ip6 = uut_ip6
self.uut_prefix = uut_prefix
self.uut_gateway6 = uut_gateway6
self.rommon_image = rommon_image
self.dns_server = dns_server
self.hostname = hostname
self.search_domains = search_domains
self.retry_count = retry_count
self.ntp_server = ntp_server
self.manager = manager
self.manager_key = manager_key
self.manager_nat_id = manager_nat_id
tftptimeout = kwargs.get('timeout', 600)
if not (self.sm.current_state in ['rommon_state', 'boot_state', 'pkglogin_state']):
if not power_cycle_flag:
logger.info('Reboot the device ...')
self.go_to('sudo_state')
self.spawn_id.sendline('reboot')
else:
logger.info('Power cycle the device ...')
self.power_cycle(pdu_ip, pdu_port, wait_until_device_is_on=False, power_bar_user=pdu_user,
power_bar_pwd=pdu_pwd)
try:
self.spawn_id.expect('Use (.*?BREAK.*?|.*?ESC.*?) to interrupt boot', timeout=120)
except TimeoutError:
RuntimeError(">>>>>> Failed to stop rebooting")
logger.info('Drop the device to rommon.')
self.rommon_go_to()
if self.sm.current_state is 'pkglogin_state':
self.go_to('boot_state')
if self.sm.current_state is 'boot_state':
logger.info('Device is in boot_state, drop the device to rommon.')
self.spawn_id.sendline('system reload')
d1 = Dialog([
['Are you sure you want to reload the system',
'sendline(y)', None, False, False],
])
d1.process(self.spawn_id, timeout=30)
self.rommon_go_to()
logger.info('Rommon configure.')
self.rommon_configure()
logger.info('tftpdnld - tftp server: {}, '
'rommon image: {} ...'.format(rommon_tftp_server, rommon_image))
self.rommon_boot(tftptimeout)
self.go_to('any')
logger.info('firepower boot configure ...')
self.firepower_boot_configure()
logger.info('Install image: {} ...'.format(pkg_image))
self.firepower_install()
self.go_to('any')
if self.manager is not None:
logger.info('Configure manager')
self.configure_manager()
logger.info('Validate version installed')
self.validate_version()
logger.info('Installation completed successfully.')
def baseline(self,
tftp_server,
rommon_file,
uut_hostname,
uut_username,
uut_password,
uut_ip,
uut_netmask,
uut_gateway,
dns_servers,
search_domains,
fxos_url,
ftd_version,
file_server_password="",
power_cycle_flag=False,
mode='local',
uut_ip6=None,
uut_prefix=None,
uut_gateway6=None,
manager=None,
manager_key=None,
manager_nat_id=None,
firewall_mode='routed',
timeout=3600,
reboot_timeout=300):
""" Method used to baseline the Westminster device.
Does the following steps:
- assigns an ip address from mgmt network to the sensor in rommon mode
- tftp and boots an fxos image
- from within FXOS downloads and installs a FTD image
:param tftp_server: tftp server to get rommon and fxos images
:param rommon_file: rommon build,
e.g. 'asa/cache/Development/6.4.0-10138/installers/fxos-k8-fp2k-lfbff.82.5.1.893i.SSB'
:param uut_hostname: hostname of the FTD
:param uut_username: User Name to login to FTD
:param uut_password: Password to login to FTD
:param uut_ip: Device IP Address to access TFTP Server
:param uut_netmask: Device Netmask
:param uut_gateway: Device Gateway
:param dns_servers: DNS Servers
:param search_domains: Search Domains
:param fxos_url: FXOS+FTD image url,
e.g. 'tftp://10.89.23.30/asa/cache/Development/6.4.0-10138/installers/
cisco-ftd-fp1k.6.4.0-10138.SSB'
:param ftd_version: ftd version, e.g. '6.4.0-10138'
:param file_server_password: if use scp protocol, this is the password to
download the image
:param power_cycle_flag: if True power cycle the device before baseline
:param mode: the manager mode ('local', 'remote')
:param uut_ip6: Device IPv6 Address
:param uut_prefix: Device IPv6 Prefix
:param uut_gateway6: Device IPv6 Gateway
:param manager: FMC to be configured for registration
:param manager_key: Registration key
:param manager_nat_id: Registration NAT Id
:param firewall_mode: the firewall mode ('routed', 'transparent', 'ngips')
:param timeout: in seconds; time to wait for installing the security package;
default value is 3600s
:param reboot_timeout: in seconds; time to wait for system to restart;
default value is 300s
:return: None
"""
publish_kick_metric('device.wm.baseline', 1)
super().baseline_fp2k_ftd(tftp_server=tftp_server,
rommon_file=rommon_file,
uut_hostname=uut_hostname,
uut_username=uut_username,
uut_password=uut_password,
uut_ip=uut_ip,
uut_netmask=uut_netmask,
uut_gateway=uut_gateway,
dns_servers=dns_servers,
search_domains=search_domains,
fxos_url=fxos_url,
ftd_version=ftd_version,
file_server_password=file_server_password,
power_cycle_flag=power_cycle_flag,
mode=mode,
uut_ip6=uut_ip6,
uut_prefix=uut_prefix,
uut_gateway6=uut_gateway6,
manager=manager,
manager_key=manager_key,
manager_nat_id=manager_nat_id,
firewall_mode=firewall_mode,
timeout=timeout,
reboot_timeout=reboot_timeout)
def ssh_vty(self, ip, port, username='******', password=KickConsts.DEFAULT_PASSWORD,
timeout=None, line_type='ssh', rsa_key=None):
"""Set up an ssh connection to device's interface.
This goes into device's ip address, not console.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: usually "admin"
:param password: usually "Admin123"
:param line_type: ssh line type
:param timeout: in seconds
:param rsa_key: identity file (full path)
:return: a line object (where users can call execute(), for example)
"""
graphite.publish_kick_metric('device.basic.ssh_vty', 1)
ssh_line = None
if not timeout:
timeout = self.default_timeout
if rsa_key:
resp = subprocess.getoutput('chmod 400 {}'.format(rsa_key))
if 'No such file or directory' in resp:
raise RuntimeError(
'The identity file {} you provided does not exist'.format(
rsa_key))
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-i {} -l {} -p {} {} \n'.format(rsa_key, username, port, ip))
else:
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-l {} -p {} {} \n'.format(username, port, ip))
ctx = AttributeDict({'password': password})
d = Dialog([
['continue connecting (yes/no)?', 'sendline(yes)', None, True,
False],
['(p|P)assword:', 'sendline_ctx(password)', None, False, False],
['[>#$] ', 'sendline()', None, False, False]
])
output = d.process(spawn_id, context=ctx, timeout=timeout)
logger.info('Output from login dialog is: {}'.format(output.match_output.replace(
'\n', '[LF]').replace('\r', '[CR]')))
try:
ssh_line = self._accept_configuration_and_change_password(spawn_id, line_type, username, password, timeout)
except TimeoutError:
logger.info("Device initialization has failed")
logger.info('Spawn_id.buffer content is: {}'.format(spawn_id.buffer))
raise
except OSError:
logger.info(
"Failed to login with user provided details: user: {}, password: {}".format(
username, password))
raise
logger.debug('ssh_vty() finished successfully')
if not ssh_line:
ssh_line = self.line_class(spawn_id, self.sm, line_type, timeout=timeout)
return ssh_line
def telnet_console_with_credential(self, ip, port, username=DEFAULT_USERNAME,
password=DEFAULT_PASSWORD, timeout=None,
en_password=DEFAULT_ENPASSWORD):
"""Set up an telnet console connection, and needs to provide
credential.
This goes into device's console port, through a terminal server.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: username
:param password: password
:param timeout: in seconds
:param en_password: enable password to switch to line configuration mode
:return: a line object (where users can call execute(), for example)
"""
if username == DEFAULT_USERNAME:
username = get_username(username)
if password == DEFAULT_PASSWORD:
password = get_password(password)
if en_password == DEFAULT_ENPASSWORD:
en_password = get_en_password(en_password)
graphite.publish_kick_metric(
'device.basic.telnet_console_with_credential', 1)
if not timeout:
timeout = self.default_timeout
spawn_id = NewSpawn('telnet {} {}\n'.format(ip, port))
try:
spawn_id.expect(
"Connected to.*Escape character is '\^\]'\..*Username: "******"Connected to.*Escape character is '\^\]'\..*Username: "******"Password: "******"Password OK.*", timeout)
except uniconTimeoutError:
logger.debug("'Password OK' message did not appear ... continue")
spawn_id.sendline('')
telnet_line = self.line_class(spawn_id, self.sm, 'telnet',
timeout=timeout)
logger.debug('telnet_console_with_credential() finished successfully')
return telnet_line
def ssh_console(self, ip, port, username=DEFAULT_USERNAME, password=DEFAULT_PASSWORD,
timeout=None, en_password=DEFAULT_ENPASSWORD):
"""Set up an ssh console connection.
This goes into device's console port, through a terminal server.
:param ip: ip address of terminal server
:param port: port of device on terminal server
:param username: username
:param password: password
:param timeout: in seconds
:param en_password: enable password to switch to line configuration mode
:return: a line object (where users can call execute(), for example)
"""
if username == DEFAULT_USERNAME:
username = get_username(username)
if password == DEFAULT_PASSWORD:
password = get_password(password)
if en_password == DEFAULT_ENPASSWORD:
en_password = get_en_password(en_password)
graphite.publish_kick_metric('device.basic.ssh_console', 1)
if not timeout:
timeout = self.default_timeout
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-l {} -p {} {} \n'.format(username, port, ip))
ctx = AttributeDict({'password': password})
d = Dialog([
['continue connecting (yes/no)?', 'sendline(yes)', None, True,
False],
['(p|P)assword:', 'sendline_ctx(password)', None, False, False],
])
try:
d.process(spawn_id, context=ctx, timeout=timeout)
except OSError:
spawn_id.close()
clear_line(ip, int(port) % 100, user=username, pwd=password,
prompt='#', access='ssh', en_password=en_password,
timeout=timeout)
spawn_id = NewSpawn(
'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no '
'-l {} -p {} {} \n'.format(username, port, ip))
try:
d.process(spawn_id, context=ctx, timeout=timeout)
except:
spawn_id.close()
raise
d1 = Dialog([
['Password OK', 'sendline()', None, False, False],
['[.*>#] ', 'sendline()', None, False, False],
])
try:
d1.process(spawn_id, timeout=timeout)
except:
spawn_id.sendline()
logger.debug('ssh_console() finished successfully')
try:
ssh_line = self.line_class(spawn_id, self.sm, 'ssh',
timeout=timeout)
except:
spawn_id.close()
raise
return ssh_line
def baseline_elektra(self,
http_server,
boot_image,
pkg_image,
uut_ip,
uut_netmask,
uut_gateway,
dns_server,
hostname='firepower',
search_domains='cisco.com',
uut_ip6=None,
uut_prefix=None,
uut_gateway6=None,
retry_count=MAX_RETRY_COUNT,
ntp_server=None,
**kwargs):
"""Baseline device of Elektra, install boot_image, pkg_image and verify
image installed.
:param http_server: http server IP
:param boot_image: in enable mode, download and install boot_image.
for example, boot_image='http://10.89.23.80/netboot/ims/Release/6.2.0-362/
installers/asasfr-5500x-boot-6.2.0-2.img'
:param pkg_image: in boot mode, download and install pkg_image.
for example, pkg_image='http://10.89.23.80/netboot/ims/Release/6.2.0-362/
installers/asasfr-sys-6.2.0-362.pkg'
:param uut_ip: UUT IP address
:param uut_netmask: UUT netmask
:param uut_gateway: UUT gateway
:param uut_ip6: Device IPv6 Address
:param uut_prefix: Device IPv6 Prefix
:param uut_gateway6: Device IPv6 Gateway
:param dns_server: DNS server
:param hostname: hostname of the device to be set
:param search_domains: search domains, defaulted to 'cisco.com'
:param retry_count: download retry count, defaulted to MAX_RETRY_COUNT
:param ntp_server: NTP server delimited by comma, defaulted to None,
otherwise the value of ntp_server is - e.g. "ntp.esl.cisco.com"
:return: None
"""
publish_kick_metric('device.elektra.baseline', 1)
self.http_server = http_server
self.boot_image = boot_image
self.pkg_image = pkg_image
self.uut_ip = uut_ip
self.uut_netmask = uut_netmask
self.uut_gateway = uut_gateway
self.uut_ip6 = uut_ip6
self.uut_prefix = uut_prefix
self.uut_gateway6 = uut_gateway6
self.dns_server = dns_server
self.hostname = hostname
self.search_domains = search_domains
self.retry_count = retry_count
self.ntp_server = ntp_server
if self.sm.current_state is not 'boot_state':
logger.info('=== Configure terminal')
self.configure_terminal()
logger.info('=== Download and set module to boot_image')
self.download_and_set_boot_module()
logger.info('=== Boot configure')
self.boot_configure()
logger.info('=== SFR install: {}'.format(self.pkg_image))
self.ftd_install()
logger.info('=== FTD configure')
self.ftd_configure()
logger.info('=== Validate version')
self.validate_version()
