命令行访问ControllerBase CloudGenix ION故障排除工具箱。
cgxsh的Python项目详细描述
cgxsh(预览)
C大声G埃尼XSH厄尔(cgxsh)
命令行访问基于控制器的CloudGenix离子故障排除工具包。在
概要
cgxsh应用程序的目的是允许CloudGenix客户替换许多特定于设备的故障排除
传统上通过SSH和基于云的连接模型执行。在
这个实用程序试图表现出“ssh-like”的行为,但是有一些根本的区别。在
此实用程序应支持Windows(Win 10或更高版本)和Mac/Linux系统。在
要求
- 活动CloudGenix帐户
- Python>;=3.6
- 运行5.2.1+软件的CloudGenix IONs
- Python模块: 在
安装
- 通过PIP简单到
pip install cgxsh
命令/功能
cgxsh
- 使用CloudGenix云控制器的SSH替换控制台实用程序
- 简单的命令行用法:
cgxsh "Portland ION" - 默认为交互式会话,但也支持特定命令和退出:
cgxsh "Portland ION" "set paging off" "dump lldp all" - 多租户ESP/MSP支持:
cgxsh "Device_name"@"Tenant_Name" - 具有多租户支持和可选加密以存储凭据的配置文件
- 模糊匹配:
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION"
No match for Portland ION, best guesses:
1) Portland Sales Office ION, (86%)2) ION2K-A, (54%)3) ION2K-B, (54%)4) DHL-1, (36%)5) MAD-7K-1, (36%)6) MAD-7K-2, (36%)7) MAN-3K-1, (36%)
Select a number, or any other key to exit: 1
在 - 连接时操作的退出命令菜单:
^{pr2}$
在
cgxsh\u通用型
- 通用CloudGenix Websocket客户端,用于管理和试验订阅。在
- CloudGenix需要keepalive处理
- JSON输出格式。在
cgxsh创建默认配置
- 创建默认的cgxsh配置(在$HOME/.cgxsh中/配置yml)在
cgxsh_编辑配置
- 启动编辑器以编辑
cgxsh配置。
- Mac/Linux:Default/usr/bin/vi
- 窗口:默认记事本.exe在
在 - 处理配置的解密/重新加密(如果已加密)。在
cgxsh\u解密配置
- 如果需要,允许解密
cgxsh配置。在
cgxsh\u加密配置
- 加密
cgxsh配置(如果尚未加密)。在
许可证
pip install cgxshcgxsh "Portland ION"cgxsh "Portland ION" "set paging off" "dump lldp all"cgxsh "Device_name"@"Tenant_Name"edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION" No match for Portland ION, best guesses: 1) Portland Sales Office ION, (86%)2) ION2K-A, (54%)3) ION2K-B, (54%)4) DHL-1, (36%)5) MAD-7K-1, (36%)6) MAD-7K-2, (36%)7) MAN-3K-1, (36%) Select a number, or any other key to exit: 1在
- 创建默认的cgxsh配置(在$HOME/.cgxsh中/配置yml)在
cgxsh_编辑配置
- 启动编辑器以编辑
cgxsh配置。- Mac/Linux:Default/usr/bin/vi
- 窗口:默认记事本.exe在
- 处理配置的解密/重新加密(如果已加密)。在
cgxsh\u解密配置
- 如果需要,允许解密
cgxsh配置。在
cgxsh\u加密配置
- 加密
cgxsh配置(如果尚未加密)。在
许可证
cgxsh配置。在cgxsh配置(如果尚未加密)。在麻省理工学院
版本
| Version | Build | Changes |
|---|---|---|
| 1.0.1 | b1 | Fix for Github issues #1 and #2 |
| 1.0.0 | b1 | Initial Release |
| 0.0.1 | b1 | Placeholder for future release. |
(可选)环境变量
AUTH_TOKEN或X_AUTH_TOKEN:CloudGenix控制器身份验证令牌(覆盖配置文件)CGXSH_CONFIG_PASSWORD:用于加载加密cgxsh配置的密码。在
使用信息和示例。
连接到名称匹配模糊且没有保存配置信息的离子
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland ION" controller login: user@email.com controller password: No match for Portland ION, best guesses: 1) Portland Sales Office ION, (86%) 2) ION2K-A, (54%) 3) ION2K-B, (54%) 4) MAN-3K-1, (36%) 5) MAD-7K-2, (36%) 6) MAD-7K-1, (36%) 7) DHL-1, (36%) Select a number, or any other key to exit: 1 Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. ec2683ee-0d9c-8a64-3467-55121bb8a672 login: aaron Password: Last login: Tue Dec 17 22:47:18 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
连接到配置文件中具有完全匹配名称和控制器/设备配置的离子
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland Sales Office ION" Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. Last login: Tue Dec 17 22:52:46 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
通过ESP/MSP帐户连接到分租户上的ION,并保存每个分租户的配置
cgxsh \<ION name or ID>
edwards-mbp-pro:cgxsh aaron$ cgxsh "Portland Sales Office ION"@MyCustomerClientZ No match for MyCustomerClientZ, best guesses: 1) MyCustomerClientA, (90%) 2) CustomerClientB, (22%) 3) CustomerClientC, (22%) 4) CustomerClientD, (22%) 5) CustomerClientE, (22%) 6) CustomerClientF, (22%) Select a number, or any other key to exit: 1 Connecting to Client MyCustomerClientA (MyCustomerClient_canonicalname). Connecting to Portland Sales Office ION (15608897741660166). Connected to 15608897741660166. Escape character is '^]'. Last login: Tue Dec 17 22:52:46 UTC 2019 on pts/0 Portland Sales Office ION# dump standingalarms Code : NETWORK_VPNPEER_UNREACHABLE Ident : 15608901339660208 Severity : minor Raised : 2019-12-12 20:54:44.834 +0000 UTC (122h6m8.469335222s ago) Correlation ID : F70lP6T9 vpn_link_id : 15608901339570207 al_id : 15608896659530120 Portland Sales Office ION#
管理连接到当前ION的cgxsh/web toolkit用户
Press escape char (CTRL-]) during cgxsh session
Portland Sales Office ION#
cgxsh> ?
Commands are:
send Send special characters (help send for more)
sdkdebug Enable/Disable API/WebSocket debug messages (help sdkdebug for more)
verbosity Change cgxsh message verbosity (help verbosity for more)
sessions View active Toolkit Websocket Sessions (help sessions for more)
sessions_kill View and kill/close active Toolkit Websocket Sessions (help sessions_kill for more)
quit Close the connection and exit.
close Close the connection and exit.
exit Close the connection and exit.
help Additional help on sub commands. eg: help <command>
Pressing <enter> on empty command line will return you to session.
cgxsh> sessions_kill element
Toolkit Sessions:
Index Element Operator Age State Session ID
------- ------------------------- ------------------------ -------- ------- ----------------------------------------
1 Portland Sales Office ION aaron@cloudgenix.com 1h36m12s active 1576618422757015099992703857847609972162
2 Portland Sales Office ION otheruser@cloudgenix.com 9m9s active 1576623645452007700007702497325448497534
Total: 2
Enter Index to remove (range for multiple (eg. 1,3,5-10), or x to exit: 2
Planning to end the following sessions (index): 2.
Confirm? (y/n): y
Ended session 2 to Portland Sales Office ION.
cgxsh>
Portland Sales Office ION#
加密明文配置。
edwards-mbp-pro:cgxsh aaron$ cgxsh_encrypt_config Enter password to encrypt file: Confirm file encryption password: Saving encrypted configuration: Done. edwards-mbp-pro:cgxsh aaron$默认值>h5配置yml模板
---
type: cgxsh
version: 1.0
# This section allows you to specify a default AUTH_TOKEN, DEVICE_USER and DEVICE_PASSWORD. These will be used
# by default if others are not specified.
#
# For Controller authentication, AUTH_TOKEN is used first (if present.) If no AUTH_TOKEN, CONTROLLER_USER and
# CONTROLLER_PASSWORD are used. If those are missing or fail, login will be prompted.
#
# If the DEVICE_USER or DEVICE_PASSWORD fails, you will be prompted to finish logging in when connecting to the device.
DEFAULT:
AUTH_TOKEN:
CONTROLLER_USER:
CONTROLLER_PASSWORD:
DEVICE_USER:
DEVICE_PASSWORD:
# If you have a CloudGenix MSP/ESP portal account, you can specify the device access credentials on a per-client
# basis. If the client name is not an exact match, the credentials will not be used.
#
# Note: MSP/ESP client attachment requires DEFAULT: CONTROLLER_USERNAME/CONTROLLER_PASSOWRD. AUTH_TOKENs cannot be used.
ESP:
"Example Client1 Name Match":
DEVICE_USER:
DEVICE_PASSWORD:
"Example Client2 Name Match":
DEVICE_USER:
DEVICE_PASSWORD:
订阅通用websocket以获取推送配置更改消息(本例中为element,site)
cgxsh_generic_ws
edwards-mbp-pro:cgxsh aaron$ cgxsh_generic_ws
Connected.
> { "type": "PUT", "uri": "/v2.0/api/tenants/10006/subscriptions", "body": {"type": "config_change", "subscriptions": [{"resource_key": "elements"},{"resource_key": "sites"}] }}
< {
"type": "PUT",
"uri": "/v2.0/api/tenants/10006/subscriptions",
"body": {
"id": "15766253860930016",
"_etag": 1,
"_content_length": 0,
"_schema": 0,
"_created_on_utc": 15766253860930016,
"_updated_on_utc": 15766253860930016,
"_status_code": "200",
"_message_id": "1576625386053000499998772050152704482435",
"_request_id": "1576625386053000399991149536419934892671",
"subscriptions": [
{
"resource_key": "elements"
},
{
"resource_key": "sites"
}
],
"type": "config_change"
}
}
subsequent time later when configuration change on element occurs..
< {
"id": "15766254376560072",
"_created_on_utc": 15766254376560072,
"_updated_on_utc": 15766254376560072,
"_message_id": "1576625437641018399996760510275758800343",
"_request_id": "1576625437641018299992839389780516744938",
"operator_id": "15713488339050031",
"operator_tenant_id": "10006",
"esp_tenant_id": "123",
"request_id": "1576625437588017700003942214959372913327",
"source_ip": "96.64.220.253",
"resource_key": "elements",
"resource_id": "15608897741660166",
"resource_etag": 1728,
"resource_version": "v2.3",
"request_type": "PUT",
"request_uri": "/v2.3/api/tenants/10006/elements/15608897741660166",
"request_body": {
"_etag": 1727,
"_schema": 0,
"id": "15608897741660166",
"site_id": "15608896590040129",
"name": "Portland Sales Office ION",
"description": null,
"tags": [
"SNOW-high"
],
"sw_obj": null,
"cluster_insertion_mode": null,
"cluster_member_id": null,
"l3_direct_private_wan_forwarding": true,
"l3_lan_forwarding": true,
"vpn_to_vpn_forwarding": false,
"network_policysetstack_id": null,
"priority_policysetstack_id": null,
"nat_policysetstack_id": null,
"spoke_ha_config": null
},
"response_code": 200,
"response_body": {
"id": "15608897741660166",
"_etag": 1728,
"_content_length": "0",
"_schema": 0,
"_created_on_utc": 15608897741660166,
"_updated_on_utc": 15766254376080179,
"_status_code": "200",
"_request_id": "1576625437588017700003942214959372913327",
"_debug": null,
"_info": null,
"_warning": null,
"_error": null,
"tenant_id": "10006",
"site_id": "15608896590040129",
"software_version": "5.2.1-a85",
"hw_id": "ec2683ee-0d9c-8a64-3467-55121bb8a672",
"serial_number": "ec2683ee-0d9c-8a64-3467-55121bb8a672",
"model_name": "ion 3102v",
"name": "Portland Sales Office ION",
"description": null,
"role": "SPOKE",
"state": "bound",
"allowed_roles": [
"HUB",
"SPOKE"
],
"cluster_insertion_mode": null,
"cluster_member_id": null,
"l3_direct_private_wan_forwarding": true,
"l3_lan_forwarding": true,
"connected": true,
"admin_action": null,
"deployment_op": null,
"network_policysetstack_id": null,
"priority_policysetstack_id": null,
"spoke_ha_config": null,
"tags": [
"SNOW-high"
],
"nat_policysetstack_id": null,
"vpn_to_vpn_forwarding": false
},
"time_ms": 52,
"request_content_length": 439,
"response_content_length": 0,
"request_ts": 1576625437588,
"response_ts": 1576625437640
}
>
命令行参数
cgxsh
usage: cgxsh [-h] [--controller-email CONTROLLER_EMAIL]
[--controller-password CONTROLLER_PASSWORD]
[--device-user DEVICE_USER] [--device-password DEVICE_PASSWORD]
[--noexit] [--controller CONTROLLER] [--insecure] [--noregion]
[--override-host-header FORCE_HOST] [--verbosity VERBOSITY]
[--sdkdebug SDKDEBUG]
element[@client] ...
cgxsh (1.0.0b1)
optional arguments:
-h, --help show this help message and exit
cgxsh_args:
CGXSH Arguments
--controller-email CONTROLLER_EMAIL, -E CONTROLLER_EMAIL
Use this email for controller login.
--controller-password CONTROLLER_PASSWORD
Use this password for controller login. NOT
RECOMMENDED - Password will likely be stored in shell
history.
--device-user DEVICE_USER
Use this user to login to the Element Toolkit.
--device-password DEVICE_PASSWORD
Use this password to login to the Element Toolkit. NOT
RECOMMENDED - Password will likely be stored in shell
history.
--noexit If using commands, do not exit after running commands.
Maintain interactive shell.
element[@client] Element name or ID to connect to. If connecting as
ESP/MSP account, @client name or ID is required.
commands (Optional) Strings of space-separated Toolkit commands
to run. Example: "set paging off" "dump lldp all"
Controller Options:
These options change how the program connects to the CloudGenix Controller
--controller CONTROLLER, -C CONTROLLER
Override Controller API URI. Default:
https://api.elcapitan.cloudgenix.com
--insecure, -I Do not verify API SSL certificate
--noregion, -NR Ignore Region-based redirection.
--override-host-header FORCE_HOST, -OH FORCE_HOST
Force Host Header on API requests.
Debug:
These options enable debugging output
--verbosity VERBOSITY, -V VERBOSITY
CGXSH client verbosity.
--sdkdebug SDKDEBUG, -D SDKDEBUG
Enable CloudGenix SDK Debug output, levels 0-3
cgxsh\u通用型
usage: cgxsh_generic_ws [-h] [--no-format] [--show-keepalives]
[--controller-email CONTROLLER_EMAIL]
[--controller-password CONTROLLER_PASSWORD]
[--controller CONTROLLER] [--insecure] [--noregion]
[--override-host-header FORCE_HOST]
[--verbosity VERBOSITY] [--sdkdebug SDKDEBUG]
[[@client]]
cgxsh_generic_ws (1.0.0b1)
optional arguments:
-h, --help show this help message and exit
cgxsh_generic_ws args:
CGXSH Generic WebSocket Client Arguments
--no-format, -NF Disable output pretty-printing/formatting.
--show-keepalives Show background keepalive messages
--controller-email CONTROLLER_EMAIL, -E CONTROLLER_EMAIL
Use this email for controller login.
--controller-password CONTROLLER_PASSWORD
Use this password for controller login. NOT
RECOMMENDED - Password will likely be stored in shell
history.
[@client] If connecting as ESP/MSP account, @client name or ID
is required.
Controller Options:
These options change how the program connects to the CloudGenix Controller
--controller CONTROLLER, -C CONTROLLER
Override Controller API URI. Default:
https://api.elcapitan.cloudgenix.com
--insecure, -I Do not verify API SSL certificate
--noregion, -NR Ignore Region-based redirection.
--override-host-header FORCE_HOST, -OH FORCE_HOST
Force Host Header on API requests.
Debug:
These options enable debugging output
--verbosity VERBOSITY, -V VERBOSITY
CGXSH Generic WebSocket Client verbosity.
--sdkdebug SDKDEBUG, -D SDKDEBUG
Enable CloudGenix SDK Debug output, levels 0-3
cgxsh_编辑配置
usage: cgxsh_edit_config [-h] [--editor EDITOR]
cgxsh_edit_config (1.0.0b1)
optional arguments:
-h, --help show this help message and exit
cgxsh_edit_config:
CGXSH Edit Configuration Arguments
--editor EDITOR, -E EDITOR
Use this program to edit configuration. Editor must
supportfilename as first argument. Default:
/usr/bin/vi
cgxsh_编辑配置
usage: cgxsh_decrypt_config [-h] [--force FORCE]
cgxsh_decrypt_config (1.0.0b1)
optional arguments:
-h, --help show this help message and exit
cgxsh_decrypt_config:
CGXSH Decrypt Configuration Arguments
--force FORCE, -F FORCE
Export configurations to alternate file. Don't verify
contents after decryption. Must specify filename to
decrypt contents into, since config may be corrupt.
Valid password is still required.
- 项目
标签:
欢迎加入QQ群-->: 979659372
