drivers/CiscoCatalyst.py

#! /usr/bin/python

#  Copyright 2014 Linaro Limited
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
#  MA 02110-1301, USA.

import logging
import pexpect
import sys
import time
import re
from common import SwitchDriver

class CiscoCatalyst(SwitchDriver):

    connection = None

    _capabilities = [
        'TrunkWildCardVlans' # Trunk ports are on all VLANs by
                             # default, so we shouldn't need to
                             # bugger with them
    ]

    # Regexp of expected hardware information - fail if we don't see
    # this
    _expected_descr_re = re.compile('WS-C\S+-\d+P')

    logfile = None

    def __init__(self, switch_hostname, switch_telnetport=23, debug = False):
        if debug:
            self.logfile = sys.stderr
        self.exec_string = "/usr/bin/telnet %s %d" % (switch_hostname, switch_telnetport)

    ################################
    ### Switch-level API functions
    ################################

    # Connect to the switch and log in
    def switch_connect(self, username, password, enablepassword):
        logging.debug("Connecting to Switch with: %s" % self.exec_string)
        self.connection = pexpect.spawn(self.exec_string, logfile = self.logfile)
        self._login(username, password, enablepassword)

        # Try to avoid paged output
        self._cli("terminal length 0")

        # And grab details about the switch. in case we need it
        self._get_systemdata()

        # And also validate them - make sure we're driving a switch of
        # the correct model! Also store the serial number
        descr_regex = re.compile('^cisco\s+(\S+)')
        sn_regex = re.compile('System serial number\s+:\s+(\S+)')
        descr = ""

        for line in self._systemdata:
            match = descr_regex.match(line)
            if match:
                descr = match.group(1)
            match = sn_regex.match(line)
            if match:
                self.serial_number = match.group(1)

        logging.debug("serial number is %s" % self.serial_number)
        logging.debug("system description is %s" % descr)

        if not self._expected_descr_re.match(descr):
            raise IOError("Switch %s not recognised by this driver: abort" % descr)

        # Now build a list of our ports, for later sanity checking
        self._ports = self._get_port_names()
        if len(self._ports) < 4:
            raise IOError("Not enough ports detected - problem!")

    # Log out of the switch and drop the connection and all state
    def switch_disconnect(self):
        self._logout()
        logging.debug("Closing connection: %s" % self.connection)
        self.connection.close(True)
        del(self)

    # Save the current running config into flash - we want config to
    # remain across reboots
    def switch_save_running_config(self):
        self._cli("copy running-config startup-config")
        self.connection.expect("startup-config")
        self._cli("startup-config")
        self.connection.expect("OK")

    # Restart the switch - we need to reload config to do a
    # roll-back. Do NOT save running-config first if the switch asks -
    # we're trying to dump recent changes, not save them.
    #
    # This will also implicitly cause a connection to be closed 
    def switch_restart(self):
        self._cli("reload")
        index = self.connection.expect(['has been modified', 'Proceed'])
        if index == 0:
            self._cli("n") # No, don't save
            self.connection.expect("Proceed")

        # Fall through
        self._cli("y") # Yes, continue to reset
        self.connection.close(True)

    # List the capabilities of the switch (and driver) - some things
    # make no sense to abstract. Returns a dict of strings, each one
    # describing an extra feature that that higher levels may care
    # about
    def switch_get_capabilities(self):
        return self._capabilities

    ################################
    ### VLAN API functions
    ################################

    # Create a VLAN with the specified tag
    def vlan_create(self, tag):
        logging.debug("Creating VLAN %d" % tag)
        self._configure()
        self._cli("vlan %d" % tag)
        self._end_configure()

        # Validate it happened
        vlans = self.vlan_get_list()
        for vlan in vlans:
            if vlan == tag:
                return
        raise IOError("Failed to create VLAN %d" % tag)

    # Destroy a VLAN with the specified tag
    def vlan_destroy(self, tag):
        logging.debug("Destroying VLAN %d" % tag)
        self._configure()
        self._cli("no vlan %d" % tag)
        self._end_configure()

        # Validate it happened
        vlans = self.vlan_get_list()
        for vlan in vlans:
            if vlan == tag:
                raise IOError("Failed to destroy VLAN %d" % tag)

    # Set the name of a VLAN
    def vlan_set_name(self, tag, name):
        logging.debug("Setting name of VLAN %d to %s" % (tag, name))
        self._configure()
        self._cli("vlan %d" % tag)
        self._cli("name %s" % name)
        self._end_configure()

        # Validate it happened
        read_name = self.vlan_get_name(tag)
        if read_name != name:
            raise IOError("Failed to set name for VLAN %d (name found is \"%s\", not \"%s\")"
                          % (tag, read_name, name))

    # Get a list of the VLAN tags currently registered on the switch
    def vlan_get_list(self):
        logging.debug("Grabbing list of VLANs")
        vlans = []

        regex = re.compile('^ *(\d+).*(active)')

        self._cli("show vlan brief")
        for line in self._read_long_output():
            match = regex.match(line)
            if match:
                vlans.append(int(match.group(1)))
        return vlans

    # For a given VLAN tag, ask the switch what the associated name is
    def vlan_get_name(self, tag):
        logging.debug("Grabbing the name of VLAN %d" % tag)
        name = None
        regex = re.compile('^ *\d+\s+(\S+).*(active)')
        self._cli("show vlan id %d" % tag)
        for line in self._read_long_output():
            match = regex.match(line)
            if match:
                name = match.group(1)
        name.strip()
        return name
        

    ################################
    ### Port API functions
    ################################

    # Set the mode of a port: access or trunk
    def port_set_mode(self, port, mode):
        logging.debug("Setting port %s to %s" % (port, mode))
        if not self._is_port_mode_valid(mode):
            raise IndexError("Port mode %s is not allowed" % mode)
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)

        self._configure()
        self._cli("interface %s" % port)
        self._cli("switchport mode %s" % mode)
        if mode == "trunk":
            self._cli("switchport trunk encapsulation dot1q")
        self._end_configure()

        # Validate it happened
        read_mode = self.port_get_mode(port)

        if read_mode != mode:
            raise IOError("Failed to set mode for port %s" % port)

    # Get the mode of a port: access or trunk
    def port_get_mode(self, port):
        logging.debug("Getting mode of port %s" % port)
        mode = ''
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        regex = re.compile('Administrative Mode: (.*)')
        self._cli("show interfaces %s switchport" % port)
        for line in self._read_long_output():
            match = regex.match(line)
            if match:
                mode = match.group(1)
                if mode == 'static access':
                    return 'access'
                if mode == 'dynamic auto':
                    return 'trunk'
        return mode

    # Set an access port to be in a specified VLAN (tag)
    def port_set_access_vlan(self, port, tag):
        logging.debug("Setting access port %s to VLAN %d" % (port, tag))
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        if not (self.port_get_mode(port) == "access"):
            raise IndexError("Port %s not in access mode" % port)

        self._configure()
        self._cli("interface %s" % port)
        self._cli("switchport access vlan %d" % tag)
        self._cli("no shutdown")
        self._end_configure()

        # Finally, validate things worked
        read_vlan = int(self.port_get_access_vlan(port))
        if read_vlan != tag:
            raise IOError("Failed to move access port %d to VLAN %d - got VLAN %d instead"
                          % (port, tag, read_vlan))

    # Add a trunk port to a specified VLAN (tag)
    def port_add_trunk_to_vlan(self, port, tag):
        logging.debug("Adding trunk port %s to VLAN %d" % (port, tag))
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        if not (self.port_get_mode(port) == "trunk"):
            raise IndexError("Port %s not in trunk mode" % port)
        self._configure()
        self._cli("interface %s" % port)
        self._cli("switchport trunk allowed vlan add %d" % tag)
        self._end_configure()        

        # Validate it happened
        read_vlans = self.port_get_trunk_vlan_list(port)
        for vlan in read_vlans:
            if vlan == tag or vlan == "ALL":
                return
        raise IOError("Failed to add trunk port %s to VLAN %d" % (port, tag))
        
    # Remove a trunk port from a specified VLAN (tag)
    def port_remove_trunk_from_vlan(self, port, tag):
        logging.debug("Removing trunk port %s from VLAN %d" % (port, tag))
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        if not (self.port_get_mode(port) == "trunk"):
            raise IndexError("Port %s not in trunk mode" % port)
        self._configure()
        self._cli("interface %s" % port)
        self._cli("switchport trunk allowed vlan remove %d" % tag)
        self._end_configure()        

        # Validate it happened
        read_vlans = self.port_get_trunk_vlan_list(port)
        for vlan in read_vlans:
            if vlan == tag:
                raise IOError("Failed to remove trunk port %s from VLAN %d" % (port, tag))

    # Get the configured VLAN tag for an access port (tag)
    def port_get_access_vlan(self, port):
        logging.debug("Getting VLAN for access port %s" % port)
        vlan = 1
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        if not (self.port_get_mode(port) == "access"):
            raise IndexError("Port %s not in access mode" % port)
        regex = re.compile('Access Mode VLAN: (\d+)')
        self._cli("show interfaces %s switchport" % port)
        for line in self._read_long_output():
            match = regex.match(line)
            if match:
                vlan = match.group(1)
        return int(vlan)

    # Get the list of configured VLAN tags for a trunk port
    def port_get_trunk_vlan_list(self, port):
        logging.debug("Getting VLANs for trunk port %s" % port)
        vlans = [ ]
        if not self._is_port_name_valid(port):
            raise IndexError("Port name %s not recognised" % port)
        if not (self.port_get_mode(port) == "trunk"):
            raise IndexError("Port %s not in trunk mode" % port)
        regex_start = re.compile('Trunking VLANs Enabled: (.*)')
        regex_continue = re.compile('\s*(\d.*)')
        self._cli("show interfaces %s switchport" % port)

        # Horrible parsing work - VLAN list may extend over several lines
        in_match = False
        vlan_text = ''
        
        for line in self._read_long_output():
            if in_match:
                match = regex_continue.match(line)
                if match:
                    vlan_text += match.group(1)
                    next
                else:
                    in_match = False
                    next
            else:
                match = regex_start.match(line)
                if match:
                    vlan_text += match.group(1)
                    in_match = True

        vlans = self._parse_vlan_list(vlan_text)

        return vlans

    ################################
    ### Internal functions
    ################################

    def _login(self, username, password, enablepassword):
        logging.debug("attempting login with username %s, password %s" % (username, password))
        self.connection.expect('User Access Verification')
        if username is not None:
            self.connection.expect("User Name:")
            self._cli("%s" % username)
        if password is not None:
            self.connection.expect("Password:")
            self._cli("%s" % password, False)
        while True:
            index = self.connection.expect(['User Name:', 'Password:', 'Bad passwords', 'authentication failed', r'(.*)(#|>)'])
            if index != 4: # Any other means: failed to log in!
                logging.error("Login failure: index %d\n" % index)
                logging.error("Login failure: %s\n" % self.connection.match.before)
                raise IOError

            # else
            self._prompt_name = self.connection.match.group(1).strip()
            if self.connection.match.group(2) == ">":
                # Need to enter "enable" mode too
                self._cli("enable")
                if enablepassword is not None:
                    self.connection.expect("Password:")
                    self._cli("%s" % enablepassword, False)
                    index = self.connection.expect(['Password:', 'Bad passwords', 'authentication failed', r'(.*)(#|>)'])
                    if index != 3: # Any other means: failed to log in!
                        logging.error("Enable password failure: %s\n" % self.connection.match)
                        raise IOError
                return 0

    def _logout(self):
        logging.debug("Logging out")
        self._cli("exit", False)

    def _configure(self):
        self._cli("configure terminal")

    def _end_configure(self):
        self._cli("end")

    def _read_long_output(self):
        prompt = self._prompt_name + '#'
        self.connection.expect(prompt)
        return self.connection.before.split('\r\n')

    def _get_port_names(self):
        logging.debug("Grabbing list of ports")
        interfaces = []

        # Use "Up" or "Down" to only identify lines in the output that
        # match interfaces that exist
        regex = re.compile('^\s*([a-zA-Z0-9_/]*).*(connect)(.*)')
        regex1 = re.compile('.*Not Present.*')
        regex2 = re.compile('.*routed.*')

        self._cli("show interfaces status")
        for line in self._read_long_output():
            match = regex.match(line)
            if match:
                interface = match.group(1)
                junk = match.group(3)
                match1 = regex1.match(junk) # Deliberately drop things
                                            # marked as "Not Present"
                match2 = regex2.match(junk) # Deliberately drop things
                                            # marked as "routed"
                if not match1 and not match2:
                    interfaces.append(interface)
        return interfaces

    def _show_config(self):
        logging.debug("Grabbing config")
        self._cli("show running-config")
        return self._read_long_output()

    def _show_clock(self):
        logging.debug("Grabbing time")
        self._cli("show clock")
        return self._read_long_output()

    def _get_systemdata(self):
        logging.debug("Grabbing system sw and hw versions")

        self._cli("show version")
        self._systemdata = []
        for line in self._read_long_output():
            self._systemdata.append(line)

    def _parse_vlan_list(self, inputdata):
        vlans = []

        if inputdata == "ALL":
            return ["ALL"]
        elif inputdata == "NONE":
            return []
        else:
            # Parse the complex list
            groups = inputdata.split(',')
            for group in groups:
                subgroups = group.split('-')
                if len(subgroups) == 1:
                    vlans.append(int(subgroups[0]))
                elif len(subgroups) == 2:
                    for i in range (int(subgroups[0]), int(subgroups[1]) + 1):
                        vlans.append(i)
                else:
                    logging.debug("Can't parse group \"" + group + "\"")

        return vlans

    # Wrapper around connection.send - by default, expect() the same
    # text we've sent, to remove it from the output from the
    # switch. For the few cases where we don't need that, override
    # this using echo=False.
    # Horrible, but seems to work.
    def _cli(self, text, echo=True):
        self.connection.send(text + '\r')
        if echo:
            self.connection.expect(text)

if __name__ == "__main__":

    import optparse

    switch = 'vlandswitch01'
    parser = optparse.OptionParser()
    parser.add_option("--switch",
                      dest = "switch",
                      action = "store",
                      nargs = 1,
                      type = "string",
                      help = "specify switch to connect to for testing",
                      metavar = "<switch>")
    (opts, args) = parser.parse_args()
    if opts.switch:
        switch = opts.switch

    p = CiscoCatalyst(switch, 23, debug=True)
    p.switch_connect(None, 'lngvirtual', 'lngenable')

    print "VLANs are:"
    buf = p.vlan_get_list()
    p._dump_list(buf)

    buf = p.vlan_get_name(2)
    print "VLAN 2 is named \"%s\"" % buf

    print "Create VLAN 3"
    p.vlan_create(3)

    buf = p.vlan_get_name(3)
    print "VLAN 3 is named \"%s\"" % buf

    print "Set name of VLAN 3 to test333"
    p.vlan_set_name(3, "test333")

    buf = p.vlan_get_name(3)
    print "VLAN 3 is named \"%s\"" % buf

    print "VLANs are:"
    buf = p.vlan_get_list()
    p._dump_list(buf)

    print "Destroy VLAN 3"
    p.vlan_destroy(3)

    print "VLANs are:"
    buf = p.vlan_get_list()
    p._dump_list(buf)

    buf = p.port_get_mode("Gi1/0/10")
    print "Port Gi1/0/10 is in %s mode" % buf

    buf = p.port_get_mode("Gi1/0/11")
    print "Port Gi1/0/11 is in %s mode" % buf

    # Test access stuff
    print "Set Gi1/0/9 to access mode"
    p.port_set_mode("Gi1/0/9", "access")

    print "Move Gi1/0/9 to VLAN 4"
    p.port_set_access_vlan("Gi1/0/9", 4)
 
    buf = p.port_get_access_vlan("Gi1/0/9")
    print "Read from switch: Gi1/0/9 is on VLAN %s" % buf
   
    print "Move Gi1/0/9 back to VLAN 1"
    p.port_set_access_vlan("Gi1/0/9", 1)
 
    # Test access stuff
    print "Set Gi1/0/9 to trunk mode"
    p.port_set_mode("Gi1/0/9", "trunk")
    print "Read from switch: which VLANs is Gi1/0/9 on?"
    buf = p.port_get_trunk_vlan_list("Gi1/0/9")
    p._dump_list(buf)
    print "Add Gi1/0/9 to VLAN 2"
    p.port_add_trunk_to_vlan("Gi1/0/9", 2)
    print "Add Gi1/0/9 to VLAN 3"
    p.port_add_trunk_to_vlan("Gi1/0/9", 3)
    print "Add Gi1/0/9 to VLAN 4"
    p.port_add_trunk_to_vlan("Gi1/0/9", 4)
    print "Read from switch: which VLANs is Gi1/0/9 on?"
    buf = p.port_get_trunk_vlan_list("Gi1/0/9")
    p._dump_list(buf)

    p.port_remove_trunk_from_vlan("Gi1/0/9", 3)
    p.port_remove_trunk_from_vlan("Gi1/0/9", 3)
    p.port_remove_trunk_from_vlan("Gi1/0/9", 4)
    print "Read from switch: which VLANs is Gi1/0/9 on?"
    buf = p.port_get_trunk_vlan_list("Gi1/0/9")
    p._dump_list(buf)

#    print 'Restarting switch, to explicitly reset config'
#    p.switch_restart()

#    p.switch_save_running_config()

#    p.switch_disconnect()
#    p._show_config()