Skip to content

Commit

Permalink
Add model for Aruba Instant
Browse files Browse the repository at this point in the history 
- Split model Arubainstant from AOS 8 (aosw)
- Add a Unit test
- Document HPE Aruba Models
- Closes #3057
  • Loading branch information
@robertcheramy
robertcheramy committed Nov 20, 2024
1 parent ecde1de commit db0959b
Show file tree
Hide file tree
Showing 7 changed files with 382 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
- container-image: install x25519 gem package to support more ssh kex. Fixes #3070 (@benasse)
- os6: Added support to Dell EMC Networking OS6 (@anubisg1)
- Update net-ssh to 7.3 to enable support for aes(128|256)gcm. Fixes #3168 (@jacobw)
- model for HPE Aruba Networking Instant Mode (Aruba Instant). Fixes #3057 (@robertcheramy)

### Changed
- h3c: change prompt to expect either angle (user-view) or square (system-view) brackets (@nl987)
Expand Down
31 changes: 31 additions & 0 deletions docs/Model-Notes/HPEAruba.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# HPE Aruba Networking devices
HPE Aruba offers various networking devices with different operating systems.

## HPE Aruba Networking Instant Mode (Aruba Instant)
[Aruba Instant](https://www.arubanetworks.com/techdocs/ArubaDocPortal/content/cons-instant-home.htm)
runs on IAPs (Instant Access points).

The Oxidized model is [ArubaInstant](/lib/oxidized/model/arubainstant.rb).
When run on the virtual WLAN controller, it will also collect the list of the
WLAN-AP linked to the controller.

The aosw model for AOS 8 used to be used for Aruba Instant, but it does not work
as well and may stop working in the future.

## HPE Aruba Networking Wireless Operating System 8 (AOS 8)
[AOS 8](https://www.arubanetworks.com/techdocs/ArubaDocPortal/content/cons-aos-home.htm)
runs on WLAN controllers (mobility controllers) and controller-managed access
points.

The Oxidized model is [aosw](/lib/oxidized/model/aosw.rb).

## HPE Aruba Networking CX Switch Operating System (AOS-CX)
[AOS-CX](https://www.arubanetworks.com/techdocs/AOS-CX/help_portal/Content/home.htm)
is the operating system for the newer CX-Series.

The Oxidized model is [aoscx](/lib/oxidized/model/aoscx.rb).

## Older Models
Older Devices like ProCurve or 3Com/Comware are listed under the Vendor "HP" in
the [Supported OS Types](docs/Supported-OS-Types.md) list.

5 changes: 3 additions & 2 deletions docs/Supported-OS-Types.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,9 @@
|Arbor Networks |ArbOS |[arbos](/lib/oxidized/model/arbos.rb) | |[ArbOS](Model-Notes/ArbOS.md)
|Arista |EOS |[eos](/lib/oxidized/model/eos.rb) | |[EOS](Model-Notes/EOS.md)
|Arris |C4CMTS |[c4cmts](/lib/oxidized/model/c4cmts.rb)
|Aruba |AOS-CX |[aoscx](/lib/oxidized/model/aoscx.rb) |@robertcheramy
| |AOSW |[Aaosw](/lib/oxidized/model/aosw.rb)
|Aruba |AOS-CX |[aoscx](/lib/oxidized/model/aoscx.rb) |@robertcheramy |[HPE Aruba](Model-Notes/HPEAruba.md)
| |AOSW |[aosw](/lib/oxidized/model/aosw.rb) |[HPE Aruba](Model-Notes/HPEAruba.md)
| |ArubaInstant |[arubainstant](/lib/oxidized/model/arubainstant.rb)|@robertcheramy |[HPE Aruba](Model-Notes/HPEAruba.md)
|Asterfusion |AsterNOS |[asternos](/lib/oxidized/model/asternos.rb)
|AudioCodes |AudioCodes |[audiocodes](/lib/oxidized/model/audiocodes.rb)
| |MediaPack MP-1xx, Mediant1000 |[audiocodesmp](/lib/oxidized/model/audiocodesmp.rb)
Expand Down
5 changes: 5 additions & 0 deletions examples/device-simulation/cmdsets/arubainstant
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
show version
show activate status
show aps
show running-config no-encrypt
exit
213 changes: 213 additions & 0 deletions examples/device-simulation/yaml/arubainstant_IAP515_8.10.0.6_VWLC.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,213 @@
---
init_prompt: |-
show tech-support and show tech-support supplemental are the two most useful outputs to collect for any kind of troubleshooting session.
OXRO-AP111117#\x20
commands:
show version: |-
show version
Aruba Operating System Software.
ArubaOS (MODEL: 515), Version 8.10.0.6 LSR
Website: http://www.arubanetworks.com
(c) Copyright 2023 Hewlett Packard Enterprise Development LP.
Compiled on 2023-02-14 at 18:20:29 PST (build 86193) by jenkins
FIPS Mode :disabled
AP uptime is 2 days 16 hours 32 minutes 26 seconds
Reboot Time and Cause: AP rebooted Fri Nov 15 14:59:50 UTC 2024; UI cmd at uptime 94D 5H 6M 31S: reload
OXRO-AP111117#\x20
show activate status: |-
show activate status
\r
IAP MAC Address :54:d7:e3:00:11:22
IAP Serial Number :CNQHAAAAAM
Cloud Activation Key :
Activate Server :device.arubanetworks.com
Activate Status :connection-failed
Activate fail reason :dns error
Provision interval :5 minutes
OXRO-AP111117#\x20
show aps: |-
show aps
\r
4 Access Points
---------------
Name IP Address Mode Spectrum Clients Type IPv6 Address Mesh Role Zone Serial # radio0 Channel radio0 Power (dBm) radio0 Utilization (%) radio0 Noise Floor (dBm) radio1 Channel radio1 Power (dBm) radio1 Utilization (%) radio1 Noise Floor (dBm) radio2 Channel radio2 Power (dBm) radio2 Utilization (%) radio2 Noise Floor (dBm) Need Antenna Config From Port Config Id Config Csum Ext SSID Active Age Link Local IP Address Uplink Port Hierarchy Mode Crash Info \x20
---- ---------- ---- -------- ------- ---- ------------ --------- ---- -------- -------------- ------------------ ---------------------- ------------------------ -------------- ------------------ ---------------------- ------------------------ -------------- ------------------ ---------------------- ------------------------ ------------------- --------- --------- ----------- --------------- --- --------------------- ----------- -------------- ---------- \x20
OXRO-AP111117 10.100.42.237* access enable 0 515(indoor) -- N/A - CNQHAAAAAM 36+ 18 3(good) -93(good) 1 9 7(good) -94(good) - - - - No none 0 1721 enable 2d:16h:30m:30s -- eth0 member No \x20
OXRO-AP122229 10.100.42.242 access enable 0 315(indoor) -- N/A - CNK9AAAAAN 44+ 18 3(good) -89(good) 6 9 11(good) -86(ok) - - - - No none 0 1721 enable 2d:16h:30m:13s -- eth0 member No \x20
OXRO-AP111118 10.100.42.241 access enable 0 515(indoor) -- N/A - CNQHAAAAAW 100+ 18 6(good) -90(good) 11 7 12(good) -95(good) - - - - No none 0 1721 enable 2d:16h:30m:9s -- eth0 member Yes \x20
OXRO-AP122223 10.100.42.238 access enable 0 315(indoor) -- N/A - CNH6AAAAA6 60+ 18 3(good) -92(good) 11 6 14(good) -91(good) - - - - No none 0 1721 enable 2d:16h:26m:45s -- eth0 member No \x20
OXRO-AP111117#\x20
show running-config no-encrypt: |-
show running-config no-encrypt
version 8.10.0.0-8.10.0
syslocation OXIDIZED
virtual-controller-country DE
virtual-controller-key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
name OXIDIZED-VC
organization Oxidized-Rocks
virtual-controller-ip 10.100.42.254
syslog-server 10.10.42.11 \x20
terminal-access
ntp-server 10.10.42.123
clock timezone Berlin 01 00
clock summer-time CEST recurring last sunday march 02:00 last sunday october 03:00
rf-band all
dynamic-radius-proxy
allow-new-aps
allowed-ap 54:d7:e3:00:11:22
allowed-ap 54:d7:e3:00:11:24
allowed-ap 7c:57:3c:00:11:2c
allowed-ap e8:26:89:00:11:26
snmp-server community AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
snmp-server host 10.10.42.12 version 2c AAAAAAAAAABBBBBBBBBBCCCCCCCCCC inform
snmp-server host 10.10.42.13 version 2c AAAAAAAAAABBBBBBBBBBCCCCCCCCCC inform
hash-mgmt-password
hash-mgmt-user oxidized password hash AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
hash-mgmt-user rocks password hash AAAAAAAAAABBBBBBBBBBCCCCCCCCCC usertype read-only
wlan access-rule default_wired_port_profile
index 0
rule any any match any any any permit
wlan access-rule 123-OXI--ED
utf8
index 2
rule any any match any any any permit
wlan ssid-profile 123-OXI--ED
enable
index 0
type employee
essid 123-OXI--ED
utf8
wpa-passphrase AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
opmode wpa2-psk-aes
max-authentication-failures 0
vlan 123
dot11k
dot11v
mgmt-auth-server tacacs2
mgmt-auth-server tacacs1
wlan tacacs-server tacacs1
ip 10.10.42.21
key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
timeout 5
session-authorization
wlan tacacs-server tacacs2
ip 10.10.42.22
key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
timeout 5
session-authorization
OXRO-AP111117#\x20
exit: |-
exit
oxidized_output: |
# Aruba Operating System Software.
# ArubaOS (MODEL: 515), Version 8.10.0.6 LSR
# Website: http://www.arubanetworks.com
# (c) Copyright 2023 Hewlett Packard Enterprise Development LP.
# Compiled on 2023-02-14 at 18:20:29 PST (build 86193) by jenkins
# FIPS Mode :disabled
#\x20
#\x20
# IAP MAC Address :54:d7:e3:00:11:22
# IAP Serial Number :CNQHAAAAAM
#\x20
#\x20
# 4 Access Points
# ---------------
# Name IP Address Type IPv6 Address Serial #
# ---- ---------- ---- ------------ --------
# OXRO-AP111117 10.100.42.237* 515(indoor) -- CNQHAAAAAM
# OXRO-AP122229 10.100.42.242 315(indoor) -- CNK9AAAAAN
# OXRO-AP111118 10.100.42.241 515(indoor) -- CNQHAAAAAW
# OXRO-AP122223 10.100.42.238 315(indoor) -- CNH6AAAAA6
#\x20
version 8.10.0.0-8.10.0
syslocation OXIDIZED
virtual-controller-country DE
virtual-controller-key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
name OXIDIZED-VC
organization Oxidized-Rocks
virtual-controller-ip 10.100.42.254
syslog-server 10.10.42.11 \x20
terminal-access
ntp-server 10.10.42.123
clock timezone Berlin 01 00
clock summer-time CEST recurring last sunday march 02:00 last sunday october 03:00
rf-band all
dynamic-radius-proxy
allow-new-aps
allowed-ap 54:d7:e3:00:11:22
allowed-ap 54:d7:e3:00:11:24
allowed-ap 7c:57:3c:00:11:2c
allowed-ap e8:26:89:00:11:26
snmp-server community AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
snmp-server host 10.10.42.12 version 2c AAAAAAAAAABBBBBBBBBBCCCCCCCCCC inform
snmp-server host 10.10.42.13 version 2c AAAAAAAAAABBBBBBBBBBCCCCCCCCCC inform
hash-mgmt-password
hash-mgmt-user oxidized password hash AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
hash-mgmt-user rocks password hash AAAAAAAAAABBBBBBBBBBCCCCCCCCCC usertype read-only
wlan access-rule default_wired_port_profile
index 0
rule any any match any any any permit
wlan access-rule 123-OXI--ED
utf8
index 2
rule any any match any any any permit
wlan ssid-profile 123-OXI--ED
enable
index 0
type employee
essid 123-OXI--ED
utf8
wpa-passphrase AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
opmode wpa2-psk-aes
max-authentication-failures 0
vlan 123
dot11k
dot11v
mgmt-auth-server tacacs2
mgmt-auth-server tacacs1
wlan tacacs-server tacacs1
ip 10.10.42.21
key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
timeout 5
session-authorization
wlan tacacs-server tacacs2
ip 10.10.42.22
key AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
timeout 5
session-authorization\n\n\n
# End of YAML file
90 changes: 90 additions & 0 deletions lib/oxidized/model/arubainstant.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
class ArubaInstant < Oxidized::Model
using Refinements

# Aruba IAP, Instant Controller

comment '# '
prompt(/^[\w\:.@-]+[#>] $/)

cmd :all do |cfg|
# Remove command echo and prompt
cfg.cut_both
end

cmd :secret do |cfg|
cfg.gsub!(/ipsec (\S+)$/, 'ipsec <secret removed>')
cfg.gsub!(/community (\S+)$/, 'community <secret removed>')
cfg.gsub!(/^(snmp-server host [\d.]+ version 2c) \S+ (.*)$/, '\1 <secret removed> \2')
# MAS format: mgmt-user <username> <accesslevel> <password hash>
# IAP format (root user): mgmt-user <username> <password hash>
# IAP format: mgmt-user <username> <password hash> <access level>
cfg.gsub!(/mgmt-user (\S+) (root|guest-provisioning|network-operations|read-only|location-api-mgmt) (\S+)$/, 'mgmt-user \1 \2 <secret removed>') # MAS & Wireless Controler
cfg.gsub!(/mgmt-user (\S+) (\S+)( (read-only|guest-mgmt))?$/, 'mgmt-user \1 <secret removed> \3') # IAP
cfg.gsub!(/key (\S+)$/, 'key <secret removed>')
cfg.gsub!(/wpa-passphrase (\S+)$/, 'wpa-passphrase <secret removed>')
cfg.gsub!(/bkup-passwords (\S+)$/, 'bkup-passwords <secret removed>')
cfg.gsub!(/user (\S+) (\S+) (\S+)$/, 'user \1 <secret removed> \3')
cfg.gsub!(/virtual-controller-key (\S+)$/, 'virtual-controller-key <secret removed>')
cfg.gsub!(/^(hash-mgmt-user .* password \S+) \S+( usertype .*)?$/, '\1 <secret removed>\2')
cfg
end

# get software version
cmd 'show version' do |cfg|
out = ''
cfg.each_line do |line|
next if line =~ /^(Switch|AP) uptime is /

next if line =~ /^Reboot Time and Cause/

out += line
end
comment out
end

# Get serial number
cmd 'show activate status' do |cfg|
out = ''
cfg.each_line do |line|
next if line =~ /^Activate /

next if line =~ /^Provision interval/

next if line =~ /^Cloud Activation Key/

out += line
end
comment out + "\n"
end

# Get controlled WLAN-AP
cmd 'show aps' do |cfg|
out = ''
cfg.each_line do |line|
out += if line.match?(/^Name/)
line.sub(/^(Name +IP Address +).*(Type +IPv6 Address +).*(Serial #).*$/, '\1\2\3')
else
line.sub(/^(\S+ +\S+ +)(?:\S+ +){3}(\S+ +\S+ +)(?:\S+ +){2}(\S+) +.*$/, '\1\2\3')
end
end
comment out + "\n"
end

cmd 'show running-config no-encrypt'

cfg :telnet do
username(/^User:\s*/)
password(/^Password:\s*/)
end

cfg :telnet, :ssh do
if vars :enable
post_login do
cmd "enable", /^[pP]assword:/
cmd vars(:enable)
end
end
pre_logout 'exit' if vars :enable
pre_logout 'exit'
end
end
Loading

0 comments on commit db0959b

Please sign in to comment.