Pillar and Inventory Examples
This section contains samples that could serve as a starting point to construct pillar for Nornir Proxy Minion on salt-master machine.
Arista cEOS
Below inventory can be used with Arista cEOS and contains parameters for these connection plugins:
Netmiko - uses SSH and platform
arista_eosunder base arguments definitionNAPALM - uses Arista eAPI over HTTP port 80 and platform
eosas specified in eos_params group’sconnection_optionsNcclient - as specified in eos_params group’s
connection_optionsuses port 830 with default device typePyATS - for ceos1 has multiple connections defined, including a pool of 3 connections for
vty_1connection. For ceos2 parameters sourced from base arguments.HTTP - uses port 6020 over HTTPS as specified in eos_params group’s
connection_optionsScrapli - uses SSH without verifying the keys, platform
arista_eosas specified in eos_params group’sconnection_optionsScrapli-Netconf - uses SSH paramiko transport with port 830 as specified in eos_params group’s
connection_optionsPyGNMI - uses port 6030 allowing insecure connection as specified in eos_params group’s
connection_options
proxy:
proxytype: nornir
multiprocessing: True
hosts:
ceos1:
hostname: 10.0.1.4
platform: arista_eos
groups: [creds, eos_params]
connection_options:
pyats:
extras:
devices:
ceos1:
os: eos
credentials:
default:
username: nornir
password: nornir
connections:
default:
protocol: ssh
ip: 10.0.1.4
port: 22
vty_1:
protocol: ssh
ip: 10.0.1.4
pool: 3
ceos2:
hostname: 10.0.1.5
platform: arista_eos
groups: [creds, eos_params]
connection_options:
pyats:
platform: eos
extras:
devices:
ceos2: {}
groups:
creds:
username: nornir
password: nornir
eos_params:
connection_options:
scrapli:
platform: arista_eos
extras:
auth_strict_key: False
ssh_config_file: False
scrapli_netconf:
port: 830
extras:
ssh_config_file: True
auth_strict_key: False
transport: paramiko
transport_options:
# refer to https://github.com/saltstack/salt/issues/59962 for details
# on why need netconf_force_pty False
netconf_force_pty: False
napalm:
platform: eos
extras:
optional_args:
transport: http
port: 80
ncclient:
port: 830
extras:
allow_agent: False
hostkey_verify: False
http:
port: 6020
extras:
transport: https
verify: False
base_url: "restconf/data"
headers:
Content-Type: "application/yang-data+json"
Accept: "application/yang-data+json"
pygnmi:
port: 6030
extras:
insecure: True
Cisco IOS-XE
Below inventory can be used with Cisco IOSXE based devices and contains parameters for these connection plugins:
Netmiko - uses SSH and platform
cisco_iosunder base arguments definitionPyATS - uses
iosxeplatform with SSH protocol on port 22 as specified inconnection_optionsHTTP - uses HTTPS transport on port 443 with base url “restconf/data” as specified in
connection_optionsNcclient - uses port 830 with platform name
iosxeas specified inconnection_optionsScrapli-Netconf - uses port 830 with paramiko transport as specified in
connection_optionsNAPALM - uses SSH and platform
iosas specified inconnection_optionsScrapli - uses SSH and platform
cisco_iosxewithout verifying SSH keys as specified inconnection_options
proxy:
proxytype: nornir
multiprocessing: True
hosts:
csr1000v-1:
hostname: sandbox-iosxe-latest-1.cisco.com
platform: cisco_ios
username: developer
password: C1sco12345
port: 22
connection_options:
pyats:
extras:
devices:
csr1000v-1:
os: iosxe
connections:
default:
ip: 131.226.217.143
protocol: ssh
port: 22
napalm:
platform: ios
scrapli:
platform: cisco_iosxe
extras:
auth_strict_key: False
ssh_config_file: False
http:
port: 443
extras:
transport: https
verify: False
base_url: "restconf/data"
headers:
Content-Type: "application/yang-data+json"
Accept: "application/yang-data+json"
ncclient:
port: 830
extras:
allow_agent: False
hostkey_verify: False
device_params:
name: iosxe
scrapli_netconf:
port: 830
extras:
transport: paramiko
ssh_config_file: True
auth_strict_key: False
transport_options:
netconf_force_pty: False
Cisco IOSXR
Below inventory can be used with Cisco IOSXR based devices and contains parameters for these connection plugins:
Netmiko - uses SSH and platform
cisco_xrunder base arguments definitionNcclient - uses port 830 with platform name
iosxras specified inconnection_optionsScrapli-Netconf - uses port 830 as specified in
connection_optionsNAPALM - uses SSH and platform
iosxras specified inconnection_optionsScrapli - uses SSH and platform
cisco_iosxrwithout verifying SSH keys as specified inconnection_optionsPyATS - uses
iosxrplatform with SSH protocol on port 22 as specified inconnection_options
proxy:
proxytype: nornir
multiprocessing: True
hosts:
iosxr1:
hostname: sandbox-iosxr-1.cisco.com
platform: cisco_xr
username: admin
password: "C1sco12345"
port: 22
connection_options:
pyats:
extras:
devices:
iosxr1:
os: iosxr
connections:
default:
ip: 131.226.217.150
protocol: ssh
port: 22
napalm:
platform: iosxr
scrapli:
platform: cisco_iosxr
extras:
auth_strict_key: False
ssh_config_file: False
ncclient:
port: 830
extras:
allow_agent: False
hostkey_verify: False
device_params:
name: iosxr
scrapli_netconf:
port: 830
extras:
ssh_config_file: True
auth_strict_key: False
transport_options:
netconf_force_pty: False
Cisco NXOS
Below inventory can be used with Cisco NXOS based devices and contains parameters for these connection plugins:
Netmiko - uses SSH and platform
nxos_sshunder base arguments definitionNcclient - uses port 830 with platform name
nexusas specified inconnection_optionsScrapli-Netconf - uses port 830 as specified in
connection_optionsNAPALM - uses SSH and platform
nxos_sshas specified inconnection_optionsScrapli - uses SSH and platform
cisco_nxoswithout verifying SSH keys as specified inconnection_optionsPyATS - uses
nxosplatform with SSH protocol on port 22 as specified inconnection_options
proxy:
proxytype: nornir
multiprocessing: True
hosts:
sandbox-nxos-1.cisco:
hostname: sandbox-nxos-1.cisco.com
platform: nxos_ssh
username: admin
password: "Admin_1234!"
port: 22
connection_options:
pyats:
extras:
devices:
sandbox-nxos-1.cisco:
os: nxos
connections:
default:
ip: 131.226.217.151
protocol: ssh
port: 22
napalm:
platform: nxos_ssh
scrapli:
platform: cisco_nxos
extras:
auth_strict_key: False
ssh_config_file: False
ncclient:
port: 830
extras:
allow_agent: False
hostkey_verify: False
device_params:
name: nexus
scrapli_netconf:
port: 830
extras:
ssh_config_file: True
auth_strict_key: False
transport_options:
netconf_force_pty: False
Juniper Junos
Below inventory can be used with Juniper Junos based devices (tested with vMX) and contains parameters for these connection plugins:
Netmiko - uses SSH and platform
juniper_junosunder base arguments definitionNcclient - uses port 830 with platform name
junosas specified inconnection_options.extras.device_paramsScrapli-Netconf - uses port 830 platform
juniper_junosas specified inconnection_optionsScrapli - uses SSH and platform
juniper_junoswithout verifying SSH keys as specified inconnection_optionsNAPALM - uses platform
junosas specified inconnection_optionswith additional Junos driver parameters inconnection_options.extras.optional_args
proxy:
proxytype: nornir
hosts:
vmx1:
hostname: 192.168.217.150
platform: juniper_junos
username: nornir
password: nornir
connection_options:
ncclient:
port: 830
extras:
hostkey_verify: false
device_params:
name: junos
scrapli_netconf:
port: 830
extras:
transport: system # or paramiko, ssh2
ssh_config_file: True
auth_strict_key: False
scrapli:
platform: juniper_junos
port: 22
extras:
transport: system # or asyncssh, ssh2, paramiko
auth_strict_key: false
ssh_config_file: false
napalm:
platform: junos
extras:
optional_args:
auto_probe: 0
config_private: False