On Friday, December 18, 2015 at 5:10:23 PM UTC-6, red 888 wrote: > > I'm trying to use puppet's network device management > <https://puppetlabs.com/blog/puppet-network-device-management> feature to > configure Cisco routers. > > I know its just running ios commands so how can I extend it by having it > run my own ios commands? I want to use this to create my own facts and do > other stuff. >
Note in particular this important remark from the 'puppet device' manual page <https://docs.puppetlabs.com/references/4.3.latest/man/device.html>: "Retrieves all configurations from the puppet master and apply them to the remote devices configured in /etc/puppetlabs/puppet/device.conf." It perhaps takes a bit of reading between the lines to understand that 'puppet device' runs on an ordinary node on your network that can access your router(s) remotely to configure it. You include the appropriate Puppet resources in the catalog for that node, and when you run 'puppet device' on that node it retrieves the node's catalog, extracts the pertinent resources (as chosen based in part on the contents of the node's device.conf file), and applies them to the device(s). There is a puppet agent that runs directly on some Cisco devices <https://puppetlabs.com/presentations/managing-cisco-devices-using-puppet>, but that's an altogether different thing. > On a windows endpoint I can use exec to run shell commands: > > exec { 'test': > command => 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe > -executionpolicy remotesigned -file C:\test.ps1', > } > > How can I do something like this with puppet device? > > When I tried running an ios command it gave me an error: > > exec { 'test': > command => 'show ip int bri' > } > > Info: Caching catalog for 123.123.123.123 > Error: Failed to apply catalog: Validation of Exec[test] failed: 'show ip int > bri' is not qualified and no path was specified. Please qualify the command > or specify a path. at > /etc/puppet/environments/production/modules/ciscorouterconfig/manifests/init.pp:82 > shell returned 1 > > > Some of Puppet's diagnostics are not very good, but I don't see how this particular one could be improved: "'show ip int bri' is not qualified and no path was specified. Please qualify the command or specify a path." If that's not quite enough, then it seems the next logical thing to do would be to consult the documentation for the Exec resource type <http://docs.puppetlabs.com/references/latest/type.html#exec>. The bottom line is that either the path to the command binary must be either specified explicitly or among those given via the Exec's 'path' parameter. The former would look something like exec { 'demo': # for example only command => '/usr/bin/show ip int bri' } . Note, however, that Exec runs commands on the node to which the catalog is applied, so the command must be one available on that machine. If you are using 'puppet device' then you cannot run IOS commands via an Exec because the node to which the catalog is being applied is not the router itself, and therefore it is unlikely to be running IOS. Even if it were running IOS, it's unclear whether that's the router on which you actually want the command to run. You could, however, use an Exec to open a telnet or ssh connection to the router with which to execute a remote command; that is akin to how the built-in device management types work, but those do not themselves use an Exec. I am a bit uncertain what you mean by "facts". Of course, Puppet relies integrally on node facts provided via Facter, but it's unclear how those would be relevant to your objective of managing network devices via 'puppet device', since with that subsystem the node involved is not the device being managed. The Cisco implementation ('provider') of the device-management types (i.e. interface <http://docs.puppetlabs.com/references/latest/type.html#interface> and vlan <http://docs.puppetlabs.com/references/latest/type.html#vlan>) has an internal sense of device facts, but these appear not to be related to Facter and not to be customizable. Similarly, I see no mechanism there for executing arbitrary IOS commands, but there is a pretty wide range of device properties that you can configure that way (see the referenced docs). If the facilities already available do not adequately address your needs then you should consider filing a feature-request ticket <https://tickets.puppetlabs.com/secure/Dashboard.jspa>. Because such a feature request will take some time to be fulfilled if it is accepted at all, if you want to do something that is not presently supported then you could consider writing an Exec that connects remotely and runs a command of your choice, as described above. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c5745464-9d56-4cb5-b563-e60aee4a37b1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
