命令行访问ControllerBase CloudGenix ION故障排除工具箱。
cgxsh的Python项目详细描述
cgxsh(预览)
C大声G埃尼XSH厄尔(cgxsh
)
命令行访问基于控制器的CloudGenix离子故障排除工具包。在
概要
cgxsh
应用程序的目的是允许CloudGenix客户替换许多特定于设备的故障排除
传统上通过SSH和基于云的连接模型执行。在
这个实用程序试图表现出“ssh-like”的行为,但是有一些根本的区别。在
此实用程序应支持Windows(Win 10或更高版本)和Mac/Linux系统。在
要求
- 活动CloudGenix帐户
- Python>;=3.6
- 运行5.2.1+软件的CloudGenix IONs
- Python模块: 在
安装
- 通过PIP简单到
pip install cgxsh
命令/功能
cgxsh
- 使用CloudGenix云控制器的SSH替换控制台实用程序
- 简单的命令行用法:
cgxsh "Portland ION"
- 默认为交互式会话,但也支持特定命令和退出:
cgxsh "Portland ION" "set paging off" "dump lldp all"
- 多租户ESP/MSP支持:
cgxsh "Device_name"@"Tenant_Name"
- 具有多租户支持和可选加密以存储凭据的配置文件
- 模糊匹配:
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION"
No match for Portland ION, best guesses:
1) Portland Sales Office ION, (86%)2) ION2K-A, (54%)3) ION2K-B, (54%)4) DHL-1, (36%)5) MAD-7K-1, (36%)6) MAD-7K-2, (36%)7) MAN-3K-1, (36%)
Select a number, or any other key to exit: 1
在 - 连接时操作的退出命令菜单:
^{pr2}$
在
cgxsh\u通用型
- 通用CloudGenix Websocket客户端,用于管理和试验订阅。在
- CloudGenix需要keepalive处理
- JSON输出格式。在
cgxsh创建默认配置
- 创建默认的cgxsh配置(在$HOME/.cgxsh中/配置yml)在
cgxsh_编辑配置
- 启动编辑器以编辑
cgxsh
配置。
- Mac/Linux:Default/usr/bin/vi
- 窗口:默认记事本.exe在
在 - 处理配置的解密/重新加密(如果已加密)。在
cgxsh\u解密配置
- 如果需要,允许解密
cgxsh
配置。在
cgxsh\u加密配置
- 加密
cgxsh
配置(如果尚未加密)。在
许可证
pip install cgxsh
cgxsh "Portland ION"
cgxsh "Portland ION" "set paging off" "dump lldp all"
cgxsh "Device_name"@"Tenant_Name"
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION" No match for Portland ION, best guesses: 1) Portland Sales Office ION, (86%)2) ION2K-A, (54%)3) ION2K-B, (54%)4) DHL-1, (36%)5) MAD-7K-1, (36%)6) MAD-7K-2, (36%)7) MAN-3K-1, (36%) Select a number, or any other key to exit: 1在
- 创建默认的cgxsh配置(在$HOME/.cgxsh中/配置yml)在
cgxsh_编辑配置
- 启动编辑器以编辑
cgxsh
配置。- Mac/Linux:Default/usr/bin/vi
- 窗口:默认记事本.exe在
- 处理配置的解密/重新加密(如果已加密)。在
cgxsh\u解密配置
- 如果需要,允许解密
cgxsh
配置。在
cgxsh\u加密配置
- 加密
cgxsh
配置(如果尚未加密)。在
许可证
cgxsh
配置。在cgxsh
配置(如果尚未加密)。在麻省理工学院
版本
Version | Build | Changes |
---|---|---|
1.0.1 | b1 | Fix for Github issues #1 and #2 |
1.0.0 | b1 | Initial Release |
0.0.1 | b1 | Placeholder for future release. |
(可选)环境变量
AUTH_TOKEN
或X_AUTH_TOKEN
:CloudGenix控制器身份验证令牌(覆盖配置文件)CGXSH_CONFIG_PASSWORD
:用于加载加密cgxsh
配置的密码。在
使用信息和示例。
连接到名称匹配模糊且没有保存配置信息的离子
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION" controller login: user@email.com controller password: No match for Portland ION, best guesses: 1) Portland Sales Office ION, (86%) 2) ION2K-A, (54%) 3) ION2K-B, (54%) 4) MAN-3K-1, (36%) 5) MAD-7K-2, (36%) 6) MAD-7K-1, (36%) 7) DHL-1, (36%) Select a number, or any other key to exit: 1 Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. ec2683ee-0d9c-8a64-3467-55121bb8a672 login: aaron Password: Last login: Tue Dec 17 22:47:18 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
连接到配置文件中具有完全匹配名称和控制器/设备配置的离子
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland Sales Office ION" Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. Last login: Tue Dec 17 22:52:46 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
通过ESP/MSP帐户连接到分租户上的ION,并保存每个分租户的配置
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland Sales Office ION"@MyCustomerClientZ No match for MyCustomerClientZ, best guesses: 1) MyCustomerClientA, (90%) 2) CustomerClientB, (22%) 3) CustomerClientC, (22%) 4) CustomerClientD, (22%) 5) CustomerClientE, (22%) 6) CustomerClientF, (22%) Select a number, or any other key to exit: 1 Connecting to Client MyCustomerClientA (MyCustomerClient_canonicalname). Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. Last login: Tue Dec 17 22:52:46 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
管理连接到当前ION的cgxsh/web toolkit用户
Press escape char (CTRL-]) during cgxsh session
Portland Sales Office ION# cgxsh> ? Commands are: send Send special characters (help send for more) sdkdebug Enable/Disable API/WebSocket debug messages (help sdkdebug for more) verbosity Change cgxsh message verbosity (help verbosity for more) sessions View active Toolkit Websocket Sessions (help sessions for more) sessions_kill View and kill/close active Toolkit Websocket Sessions (help sessions_kill for more) quit Close the connection and exit. close Close the connection and exit. exit Close the connection and exit. help Additional help on sub commands. eg: help <command> Pressing <enter> on empty command line will return you to session. cgxsh> sessions_kill element Toolkit Sessions: Index Element Operator Age State Session ID ------- ------------------------- ------------------------ -------- ------- ---------------------------------------- 1 Portland Sales Office ION aaron@cloudgenix.com 1h36m12s active 1576618422757015099992703857847609972162 2 Portland Sales Office ION otheruser@cloudgenix.com 9m9s active 1576623645452007700007702497325448497534 Total: 2 Enter Index to remove (range for multiple (eg. 1,3,5-10), or x to exit: 2 Planning to end the following sessions (index): 2. Confirm? (y/n): y Ended session 2 to Portland Sales Office ION. cgxsh> Portland Sales Office ION#
加密明文配置。
edwards-mbp-pro:cgxsh aaron$ cgxsh_encrypt_config Enter password to encrypt file: Confirm file encryption password: Saving encrypted configuration: Done. edwards-mbp-pro:cgxsh aaron$默认值>h5配置yml模板
---
type: cgxsh
version: 1.0
# This section allows you to specify a default AUTH_TOKEN, DEVICE_USER and DEVICE_PASSWORD. These will be used
# by default if others are not specified.
#
# For Controller authentication, AUTH_TOKEN is used first (if present.) If no AUTH_TOKEN, CONTROLLER_USER and
# CONTROLLER_PASSWORD are used. If those are missing or fail, login will be prompted.
#
# If the DEVICE_USER or DEVICE_PASSWORD fails, you will be prompted to finish logging in when connecting to the device.
DEFAULT:
AUTH_TOKEN:
CONTROLLER_USER:
CONTROLLER_PASSWORD:
DEVICE_USER:
DEVICE_PASSWORD:
# If you have a CloudGenix MSP/ESP portal account, you can specify the device access credentials on a per-client
# basis. If the client name is not an exact match, the credentials will not be used.
#
# Note: MSP/ESP client attachment requires DEFAULT: CONTROLLER_USERNAME/CONTROLLER_PASSOWRD. AUTH_TOKENs cannot be used.
ESP:
"Example Client1 Name Match":
DEVICE_USER:
DEVICE_PASSWORD:
"Example Client2 Name Match":
DEVICE_USER:
DEVICE_PASSWORD:
订阅通用websocket以获取推送配置更改消息(本例中为element,site)
cgxsh_generic_ws
edwards-mbp-pro:cgxsh aaron$ cgxsh_generic_ws Connected. > { "type": "PUT", "uri": "/v2.0/api/tenants/10006/subscriptions", "body": {"type": "config_change", "subscriptions": [{"resource_key": "elements"},{"resource_key": "sites"}] }} < { "type": "PUT", "uri": "/v2.0/api/tenants/10006/subscriptions", "body": { "id": "15766253860930016", "_etag": 1, "_content_length": 0, "_schema": 0, "_created_on_utc": 15766253860930016, "_updated_on_utc": 15766253860930016, "_status_code": "200", "_message_id": "1576625386053000499998772050152704482435", "_request_id": "1576625386053000399991149536419934892671", "subscriptions": [ { "resource_key": "elements" }, { "resource_key": "sites" } ], "type": "config_change" } }
subsequent time later when configuration change on element occurs..
< { "id": "15766254376560072", "_created_on_utc": 15766254376560072, "_updated_on_utc": 15766254376560072, "_message_id": "1576625437641018399996760510275758800343", "_request_id": "1576625437641018299992839389780516744938", "operator_id": "15713488339050031", "operator_tenant_id": "10006", "esp_tenant_id": "123", "request_id": "1576625437588017700003942214959372913327", "source_ip": "96.64.220.253", "resource_key": "elements", "resource_id": "15608897741660166", "resource_etag": 1728, "resource_version": "v2.3", "request_type": "PUT", "request_uri": "/v2.3/api/tenants/10006/elements/15608897741660166", "request_body": { "_etag": 1727, "_schema": 0, "id": "15608897741660166", "site_id": "15608896590040129", "name": "Portland Sales Office ION", "description": null, "tags": [ "SNOW-high" ], "sw_obj": null, "cluster_insertion_mode": null, "cluster_member_id": null, "l3_direct_private_wan_forwarding": true, "l3_lan_forwarding": true, "vpn_to_vpn_forwarding": false, "network_policysetstack_id": null, "priority_policysetstack_id": null, "nat_policysetstack_id": null, "spoke_ha_config": null }, "response_code": 200, "response_body": { "id": "15608897741660166", "_etag": 1728, "_content_length": "0", "_schema": 0, "_created_on_utc": 15608897741660166, "_updated_on_utc": 15766254376080179, "_status_code": "200", "_request_id": "1576625437588017700003942214959372913327", "_debug": null, "_info": null, "_warning": null, "_error": null, "tenant_id": "10006", "site_id": "15608896590040129", "software_version": "5.2.1-a85", "hw_id": "ec2683ee-0d9c-8a64-3467-55121bb8a672", "serial_number": "ec2683ee-0d9c-8a64-3467-55121bb8a672", "model_name": "ion 3102v", "name": "Portland Sales Office ION", "description": null, "role": "SPOKE", "state": "bound", "allowed_roles": [ "HUB", "SPOKE" ], "cluster_insertion_mode": null, "cluster_member_id": null, "l3_direct_private_wan_forwarding": true, "l3_lan_forwarding": true, "connected": true, "admin_action": null, "deployment_op": null, "network_policysetstack_id": null, "priority_policysetstack_id": null, "spoke_ha_config": null, "tags": [ "SNOW-high" ], "nat_policysetstack_id": null, "vpn_to_vpn_forwarding": false }, "time_ms": 52, "request_content_length": 439, "response_content_length": 0, "request_ts": 1576625437588, "response_ts": 1576625437640 } >
命令行参数
cgxsh
usage: cgxsh [-h] [--controller-email CONTROLLER_EMAIL] [--controller-password CONTROLLER_PASSWORD] [--device-user DEVICE_USER] [--device-password DEVICE_PASSWORD] [--noexit] [--controller CONTROLLER] [--insecure] [--noregion] [--override-host-header FORCE_HOST] [--verbosity VERBOSITY] [--sdkdebug SDKDEBUG] element[@client] ... cgxsh (1.0.0b1) optional arguments: -h, --help show this help message and exit cgxsh_args: CGXSH Arguments --controller-email CONTROLLER_EMAIL, -E CONTROLLER_EMAIL Use this email for controller login. --controller-password CONTROLLER_PASSWORD Use this password for controller login. NOT RECOMMENDED - Password will likely be stored in shell history. --device-user DEVICE_USER Use this user to login to the Element Toolkit. --device-password DEVICE_PASSWORD Use this password to login to the Element Toolkit. NOT RECOMMENDED - Password will likely be stored in shell history. --noexit If using commands, do not exit after running commands. Maintain interactive shell. element[@client] Element name or ID to connect to. If connecting as ESP/MSP account, @client name or ID is required. commands (Optional) Strings of space-separated Toolkit commands to run. Example: "set paging off" "dump lldp all" Controller Options: These options change how the program connects to the CloudGenix Controller --controller CONTROLLER, -C CONTROLLER Override Controller API URI. Default: https://api.elcapitan.cloudgenix.com --insecure, -I Do not verify API SSL certificate --noregion, -NR Ignore Region-based redirection. --override-host-header FORCE_HOST, -OH FORCE_HOST Force Host Header on API requests. Debug: These options enable debugging output --verbosity VERBOSITY, -V VERBOSITY CGXSH client verbosity. --sdkdebug SDKDEBUG, -D SDKDEBUG Enable CloudGenix SDK Debug output, levels 0-3
cgxsh\u通用型
usage: cgxsh_generic_ws [-h] [--no-format] [--show-keepalives] [--controller-email CONTROLLER_EMAIL] [--controller-password CONTROLLER_PASSWORD] [--controller CONTROLLER] [--insecure] [--noregion] [--override-host-header FORCE_HOST] [--verbosity VERBOSITY] [--sdkdebug SDKDEBUG] [[@client]] cgxsh_generic_ws (1.0.0b1) optional arguments: -h, --help show this help message and exit cgxsh_generic_ws args: CGXSH Generic WebSocket Client Arguments --no-format, -NF Disable output pretty-printing/formatting. --show-keepalives Show background keepalive messages --controller-email CONTROLLER_EMAIL, -E CONTROLLER_EMAIL Use this email for controller login. --controller-password CONTROLLER_PASSWORD Use this password for controller login. NOT RECOMMENDED - Password will likely be stored in shell history. [@client] If connecting as ESP/MSP account, @client name or ID is required. Controller Options: These options change how the program connects to the CloudGenix Controller --controller CONTROLLER, -C CONTROLLER Override Controller API URI. Default: https://api.elcapitan.cloudgenix.com --insecure, -I Do not verify API SSL certificate --noregion, -NR Ignore Region-based redirection. --override-host-header FORCE_HOST, -OH FORCE_HOST Force Host Header on API requests. Debug: These options enable debugging output --verbosity VERBOSITY, -V VERBOSITY CGXSH Generic WebSocket Client verbosity. --sdkdebug SDKDEBUG, -D SDKDEBUG Enable CloudGenix SDK Debug output, levels 0-3
cgxsh_编辑配置
usage: cgxsh_edit_config [-h] [--editor EDITOR] cgxsh_edit_config (1.0.0b1) optional arguments: -h, --help show this help message and exit cgxsh_edit_config: CGXSH Edit Configuration Arguments --editor EDITOR, -E EDITOR Use this program to edit configuration. Editor must supportfilename as first argument. Default: /usr/bin/vi
cgxsh_编辑配置
usage: cgxsh_decrypt_config [-h] [--force FORCE] cgxsh_decrypt_config (1.0.0b1) optional arguments: -h, --help show this help message and exit cgxsh_decrypt_config: CGXSH Decrypt Configuration Arguments --force FORCE, -F FORCE Export configurations to alternate file. Don't verify contents after decryption. Must specify filename to decrypt contents into, since config may be corrupt. Valid password is still required.
- 项目
标签: