jcollie · August 28, 2013 20:29
diff --git a/gistfile1.txt b/gistfile1.txt
 /etc/rancid:
  file.directory:
    - user: rancid
    - group: rancid
    - mode: 0750
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid

 /etc/rancid/rancid.conf:
  file.managed:
    - source: salt://rancid/rancid.conf
    - template: jinja
    - user: rancid
    - group: rancid
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid

 /srv/rancid:
  file.directory:
    - user: rancid
    - group: rancid
    - mode: 0755
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid

 {% for item in pillar['swis_rancid_groups']['results'] %}

 /srv/rancid/{{ item['RancidGroup'] }}:
  file.directory:
    - user: rancid
    - group: rancid
    - mode: 0755
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid
      - file: /srv/rancid

 /srv/rancid/{{ item['RancidGroup'] }}/configs:
  file.directory:
    - user: rancid
    - group: rancid
    - mode: 0755
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid
      - file: /srv/rancid/{{ item['RancidGroup'] }}

 /srv/rancid/{{ item['RancidGroup'] }}/router.db:
  file.managed:
    - source: salt://rancid/router.db
    - template: jinja
    - user: rancid
    - group: rancid
    - mode: 0644
    - context:
        rancid_group: {{ item['RancidGroup'] }}
    - require:
      - pkg: rancid
      - user: rancid
      - group: rancid
      - file: /srv/rancid/{{ item['RancidGroup'] }}

 {% endfor %}
diff --git a/master b/master
 ext_pillar:
  - swis:
      hostname: sw.example.com
      username: swis
      password: sekrit
      query: SELECT Node.Caption, Node.CustomProperties.RancidGroup, Node.CustomProperties.RancidType FROM Orion.Nodes AS Node WHERE Node.CustomProperties.RancidGroup IS NOT NULL AND Node.CustomProperties.RancidType IS NOT NULL ORDER BY Node.CustomProperties.RancidGroup, Node.Caption;
      key: swis_rancid_nodes

  - swis:
      hostname: sw.example.com
      username: swis
      password: sekrit
      query: SELECT DISTINCT Node.CustomProperties.RancidGroup FROM Orion.Nodes AS Node WHERE Node.CustomProperties.RancidGroup IS NOT NULL ORDER BY Node.CustomProperties.RancidGroup;
      key: swis_rancid_groups
diff --git a/rancid.conf b/rancid.conf
 # rancid 2.3.2a9
 # This file sets up the environment used for rancid.  see rancid.conf(5)
 #
 # This will be site specific
 #
 TERM=network;export TERM
 #
 # Create files w/o world read/write/exec permissions, but read/exec permissions
 # for group.
 #umask 027
 umask 022
 #
 # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for
 # the logs from rancid and a directory for each group of routers defined in
 # LIST_OF_GROUPS (below).  In addition to these, there will be a "CVS"
 # directory which is the cvs (or Subversion) repository.
 #
 # Use a full path (no sym-links) for BASEDIR.
 #
 TMPDIR=/tmp; export TMPDIR
 # Be careful changing this, it affects CVSROOT below.
 BASEDIR=/srv/rancid; export BASEDIR
 PATH=/usr/bin:/usr/bin:.:/bin:/usr/local/bin:/usr/bin; export PATH
 # Location of the CVS/SVN repository.  Be careful changing this.
 CVSROOT=$BASEDIR/CVS; export CVSROOT
 # Location of log files produced by rancid-run(1).
 LOGDIR=$BASEDIR/logs; export LOGDIR
 #
 # Select which RCS system to use, "cvs" (default), "svn" or "git".  Do
 # not change this after CVSROOT has been created with rancid-cvs.
 # Changing between these requires manual conversions.
 RCSSYS=git; export RCSSYS
 #
 # if ACLSORT is NO, access-lists will NOT be sorted.
 ACLSORT=NO; export ACLSORT
 #
 # if NOPIPE is set, temp files will be used instead of a cmd pipe during
 # collection from the router(s).
 #NOPIPE=YES; export NOPIPE
 #
 # FILTER_PWDS determines which passwords are filtered from configs by the
 # value set (NO | YES | ALL).  see rancid.conf(5).
 FILTER_PWDS=NO; export FILTER_PWDS
 #
 # if NOCOMMSTR is set, snmp community strings will be stripped from the configs
 #NOCOMMSTR=NO; export NOCOMMSTR
 #
 # How many times failed collections are retried (for each run) before
 # giving up.  Minimum: 1
 #MAX_ROUNDS=4; export MAX_ROUNDS
 #
 # How many hours should pass before complaining about routers that
 # can not be reached.  The value should be greater than the number
 # of hours between your rancid-run cron job.  Default: 24
 OLDTIME=4; export OLDTIME
 #
 # How many hours should pass before complaining that a group's collection
 # (the age of it's lock file) is hung.
 LOCKTIME=4; export LOCKTIME
 #
 # The number of devices to collect simultaneously.
 PAR_COUNT=10; export PAR_COUNT
 #
 # list of rancid groups
 #LIST_OF_GROUPS="sl joebobisp"
 # more groups...
 #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp"
 LIST_OF_GROUPS="{% for item in pillar['swis_rancid_groups']['results'] %}{{ item['RancidGroup'] }}{%if not loop.last %} {% endif %}{% endfor %}"; export LIST_OF_GROUPS
 #
 # For each group, define a list of people to receive the diffs.
 # in sendmail's /etc/aliases.
 #   rancid-group:       joe,moe@foo
 #   rancid-admin-group: hostmaster
 # be sure to read ../README regarding aliases.
 #
 # If your MTA configuration is broken or you want mail to be forwarded to a
 # domain not the same as the local one, define that domain here.  "@" must be
 # included, as this is simply appended to the usual recipients.  It is NOT
 # appended to recipients specified in rancid-run's -m option.
 #MAILDOMAIN="@example.com"; export MAILDOMAIN
 #
 # By default, rancid mail is marked with precedence "bulk".  This may be
 # changed by setting the MAILHEADERS variable; for example no header by setting
 # it to "" or adding X- style headers.  Individual headers must be separated
 # by a \n.
 #MAILHEADERS="Precedence: bulk"; export MAILHEADERS
diff --git a/router.db b/router.db
 {%- for item in pillar['swis_rancid_nodes']['results'] -%}
 {%- if item['RancidGroup'] == rancid_group -%}
 {{ item['Caption'] }}:{{ item['RancidType'] }}:up
 {% endif -%}
 {%- endfor -%}
diff --git a/swis.py b/swis.py
 #! -*- mode: python; coding: utf-8 -*-

 import json
 import requests

 class SwisClient:
    def __init__(self, hostname, username, password):
        self.url = "https://%s:17778/SolarWinds/InformationService/v3/Json/" % (hostname)
        self.credentials = (username, password)

    def query(self, query, **params):
        return self._req("POST", "Query", {'query': query, 'parameters': params}).json()

    def invoke(self, entity, verb, *args):
        return self._req("POST", "Invoke/%s/%s" % (entity, verb), args).json()

    def create(self, entity, **properties):
        return self._req("POST", "Create/" + entity, properties).json()

    def read(self, uri):
        return self._req("GET", uri).json()

    def update(self, uri, **properties):
        return self._req("POST", uri, properties)

    def delete(self, uri):
        self._req("DELETE", uri)

    def _req(self, method, frag, data=None):
        return requests.request(method, self.url + frag, 
                                data=json.dumps(data), 
                                verify=False, 
                                auth=self.credentials, 
                                headers={'Content-Type': 'application/json'})

 def ext_pillar(pillar, hostname, username, password, key, query, data = {}):
    swis = SwisClient(hostname, username, password)
    result = swis.query(query, **data)
    return { key: result }
	/etc/rancid:
	file.directory:
	- user: rancid
	- group: rancid
	- mode: 0750
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid

	/etc/rancid/rancid.conf:
	file.managed:
	- source: salt://rancid/rancid.conf
	- template: jinja
	- user: rancid
	- group: rancid
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid

	/srv/rancid:
	file.directory:
	- user: rancid
	- group: rancid
	- mode: 0755
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid

	{% for item in pillar['swis_rancid_groups']['results'] %}

	/srv/rancid/{{ item['RancidGroup'] }}:
	file.directory:
	- user: rancid
	- group: rancid
	- mode: 0755
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid
	- file: /srv/rancid

	/srv/rancid/{{ item['RancidGroup'] }}/configs:
	file.directory:
	- user: rancid
	- group: rancid
	- mode: 0755
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid
	- file: /srv/rancid/{{ item['RancidGroup'] }}

	/srv/rancid/{{ item['RancidGroup'] }}/router.db:
	file.managed:
	- source: salt://rancid/router.db
	- template: jinja
	- user: rancid
	- group: rancid
	- mode: 0644
	- context:
	rancid_group: {{ item['RancidGroup'] }}
	- require:
	- pkg: rancid
	- user: rancid
	- group: rancid
	- file: /srv/rancid/{{ item['RancidGroup'] }}

	{% endfor %}
	ext_pillar:
	- swis:
	hostname: sw.example.com
	username: swis
	password: sekrit
	query: SELECT Node.Caption, Node.CustomProperties.RancidGroup, Node.CustomProperties.RancidType FROM Orion.Nodes AS Node WHERE Node.CustomProperties.RancidGroup IS NOT NULL AND Node.CustomProperties.RancidType IS NOT NULL ORDER BY Node.CustomProperties.RancidGroup, Node.Caption;
	key: swis_rancid_nodes

	- swis:
	hostname: sw.example.com
	username: swis
	password: sekrit
	query: SELECT DISTINCT Node.CustomProperties.RancidGroup FROM Orion.Nodes AS Node WHERE Node.CustomProperties.RancidGroup IS NOT NULL ORDER BY Node.CustomProperties.RancidGroup;
	key: swis_rancid_groups
	# rancid 2.3.2a9
	# This file sets up the environment used for rancid. see rancid.conf(5)
	#
	# This will be site specific
	#
	TERM=network;export TERM
	#
	# Create files w/o world read/write/exec permissions, but read/exec permissions
	# for group.
	#umask 027
	umask 022
	#
	# Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for
	# the logs from rancid and a directory for each group of routers defined in
	# LIST_OF_GROUPS (below). In addition to these, there will be a "CVS"
	# directory which is the cvs (or Subversion) repository.
	#
	# Use a full path (no sym-links) for BASEDIR.
	#
	TMPDIR=/tmp; export TMPDIR
	# Be careful changing this, it affects CVSROOT below.
	BASEDIR=/srv/rancid; export BASEDIR
	PATH=/usr/bin:/usr/bin:.:/bin:/usr/local/bin:/usr/bin; export PATH
	# Location of the CVS/SVN repository. Be careful changing this.
	CVSROOT=$BASEDIR/CVS; export CVSROOT
	# Location of log files produced by rancid-run(1).
	LOGDIR=$BASEDIR/logs; export LOGDIR
	#
	# Select which RCS system to use, "cvs" (default), "svn" or "git". Do
	# not change this after CVSROOT has been created with rancid-cvs.
	# Changing between these requires manual conversions.
	RCSSYS=git; export RCSSYS
	#
	# if ACLSORT is NO, access-lists will NOT be sorted.
	ACLSORT=NO; export ACLSORT
	#
	# if NOPIPE is set, temp files will be used instead of a cmd pipe during
	# collection from the router(s).
	#NOPIPE=YES; export NOPIPE
	#
	# FILTER_PWDS determines which passwords are filtered from configs by the
	# value set (NO \| YES \| ALL). see rancid.conf(5).
	FILTER_PWDS=NO; export FILTER_PWDS
	#
	# if NOCOMMSTR is set, snmp community strings will be stripped from the configs
	#NOCOMMSTR=NO; export NOCOMMSTR
	#
	# How many times failed collections are retried (for each run) before
	# giving up. Minimum: 1
	#MAX_ROUNDS=4; export MAX_ROUNDS
	#
	# How many hours should pass before complaining about routers that
	# can not be reached. The value should be greater than the number
	# of hours between your rancid-run cron job. Default: 24
	OLDTIME=4; export OLDTIME
	#
	# How many hours should pass before complaining that a group's collection
	# (the age of it's lock file) is hung.
	LOCKTIME=4; export LOCKTIME
	#
	# The number of devices to collect simultaneously.
	PAR_COUNT=10; export PAR_COUNT
	#
	# list of rancid groups
	#LIST_OF_GROUPS="sl joebobisp"
	# more groups...
	#LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp"
	LIST_OF_GROUPS="{% for item in pillar['swis_rancid_groups']['results'] %}{{ item['RancidGroup'] }}{%if not loop.last %} {% endif %}{% endfor %}"; export LIST_OF_GROUPS
	#
	# For each group, define a list of people to receive the diffs.
	# in sendmail's /etc/aliases.
	# rancid-group: joe,moe@foo
	# rancid-admin-group: hostmaster
	# be sure to read ../README regarding aliases.
	#
	# If your MTA configuration is broken or you want mail to be forwarded to a
	# domain not the same as the local one, define that domain here. "@" must be
	# included, as this is simply appended to the usual recipients. It is NOT
	# appended to recipients specified in rancid-run's -m option.
	#MAILDOMAIN="@example.com"; export MAILDOMAIN
	#
	# By default, rancid mail is marked with precedence "bulk". This may be
	# changed by setting the MAILHEADERS variable; for example no header by setting
	# it to "" or adding X- style headers. Individual headers must be separated
	# by a \n.
	#MAILHEADERS="Precedence: bulk"; export MAILHEADERS
	{%- for item in pillar['swis_rancid_nodes']['results'] -%}
	{%- if item['RancidGroup'] == rancid_group -%}
	{{ item['Caption'] }}:{{ item['RancidType'] }}:up
	{% endif -%}
	{%- endfor -%}
	#! -- mode: python; coding: utf-8 --

	import json
	import requests

	class SwisClient:
	def __init__(self, hostname, username, password):
	self.url = "https://%s:17778/SolarWinds/InformationService/v3/Json/" % (hostname)
	self.credentials = (username, password)

	def query(self, query, **params):
	return self._req("POST", "Query", {'query': query, 'parameters': params}).json()

	def invoke(self, entity, verb, *args):
	return self._req("POST", "Invoke/%s/%s" % (entity, verb), args).json()

	def create(self, entity, **properties):
	return self._req("POST", "Create/" + entity, properties).json()

	def read(self, uri):
	return self._req("GET", uri).json()

	def update(self, uri, **properties):
	return self._req("POST", uri, properties)

	def delete(self, uri):
	self._req("DELETE", uri)

	def _req(self, method, frag, data=None):
	return requests.request(method, self.url + frag,
	data=json.dumps(data),
	verify=False,
	auth=self.credentials,
	headers={'Content-Type': 'application/json'})

	def ext_pillar(pillar, hostname, username, password, key, query, data = {}):
	swis = SwisClient(hostname, username, password)
	result = swis.query(query, **data)
	return { key: result }