class PuppetX::Eos::Radius

Radius provides instance methods to retrieve and set radius configuration values.

Constants

DEFAULT_ACCT_PORT
DEFAULT_AUTH_PORT
GROUP_MEMBER_REGEXP
SERVER_GROUP_REGEXP

Regular expression to extract a radius server’s attributes from the running-configuration text. The explicit [ ] spaces enable line wrappping and indentation with the /x flag.

SERVER_REGEXP

Regular expression to extract a radius server’s attributes from the running-configuration text. The explicit [ ] spaces enable line wrappping and indentation with the /x flag.

Public Instance Methods

getall() click to toggle source

getall Returns an Array with a single resource Hash describing the current state of the global radius configuration on the target device. This method is intended to be used by a provider’s instances class method.

The resource hash returned contains the following information:

* name: ('settings')
* enable: (true | false) if radius functionality is enabled.  This is
  always true for EOS.
* key: (String) the key either in plaintext or hashed format
* key_format: (Integer) e.g. 0 or 7
* timeout: (Integer) seconds before the timeout period ends
* retransmit_count: (Integer), e.g. 3, attempts after first timeout
  expiry.

@api public

@return [Array<Hash>] Single element Array of resource hashes

# File lib/puppet_x/eos/modules/radius.rb, line 53
def getall
  config = running_configuration
  rsrc_hsh = radius_global_defaults
  rsrc_hsh.merge!(parse_global_key(config))
  rsrc_hsh.merge!(parse_global_timeout(config))
  rsrc_hsh.merge!(parse_global_retransmit(config))
  [rsrc_hsh]
end
parse_group_servers(config, name) click to toggle source

parse_group_servers parses the list of servers associated with a radius server group given a group name and a running configuration text.

@param [String] config The running configuration text.

@param [String] name The name of the server group to parse.

@api private

@return [Array<Hash<Symbol,Object>] Array of server attributes

# File lib/puppet_x/eos/modules/radius.rb, line 127
def parse_group_servers(config, name)
  regexp = /aaa group server radius #{name}(.*?)!/m
  mdata = regexp.match(config)
  if mdata
    tuples = mdata[1].scan(GROUP_MEMBER_REGEXP)
    tuples.collect do |(hostname, auth_port, acct_port)|
      {
        hostname: hostname,
        auth_port: auth_port ? auth_port.to_i : DEFAULT_AUTH_PORT,
        acct_port: acct_port ? acct_port.to_i : DEFAULT_ACCT_PORT
      }
    end
  else
    Array.new
  end
end
remove_server(opts = {}) click to toggle source

remove_server removes the SNMP server identified by the hostname, auth_port, and acct_port attributes.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 218
def remove_server(opts = {})
  cmd = "no radius-server host #{opts[:hostname]}"
  cmd << " auth-port #{opts[:auth_port]}" if opts[:auth_port]
  cmd << " acct-port #{opts[:acct_port]}" if opts[:acct_port]
  result = api.config(cmd)
  result == [{}]
end
remove_server_group(opts = {}) click to toggle source

remove_server_group removes a radius server group by name. This API call maps to the ‘no aaa group server radius <name>` command.

@option opts [String] :name (‘RAD-SV2’) The name of the radius server

group to remove.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 183
def remove_server_group(opts = {})
  result = api.config("no aaa group server radius #{opts[:name]}")
  result == [{}]
end
server_groups() click to toggle source

server_groups retrieves a list of radius server groups from the target device.

@api public

@return [Array<Hash<Symbol,Object>>] Array of resource hashes

# File lib/puppet_x/eos/modules/radius.rb, line 108
def server_groups
  config = running_configuration
  tuples = config.scan(SERVER_GROUP_REGEXP)
  tuples.map do |(name)|
    { name: name, servers: parse_group_servers(config, name) }
  end
end
servers() click to toggle source

servers returns an Array of radius server resource hashes. Each hash describes the current state of the radius server and is suitable for use in initializing a radius_server provider.

The resource hash returned contains the following information:

* hostname: hostname or ip address
* key: (String) the key either in plaintext or hashed format
* key_format: (Fixnum) e.g. 0 or 7
* timeout: (Fixnum) seconds before the timeout period ends
* retransmit_count: (Integer), e.g. 3, attempts after first timeout
  expiry.
* group: (String) Server group associated with this server.
* deadtime: (Fixnum) number of minutes to ignore an unresponsive
 server.
* acct_port: (Fixnum) Port number to use for accounting.
* accounting_only: (Boolean) Enable this server for accounting only.
* auth_port: (Fixnum) Port number to use for authentication

@api public

@return [Array<Hash<Symbol,Object>>] Array of resource hashes

# File lib/puppet_x/eos/modules/radius.rb, line 84
def servers
  config = running_configuration
  tuples = config.scan(SERVER_REGEXP)
  tuples.map do |(host, authp, acctp, tout, dead, tries, keyfm, key)|
    hsh = { auth_port: DEFAULT_AUTH_PORT, acct_port: DEFAULT_ACCT_PORT }
    hsh[:hostname]         = host       if host
    hsh[:auth_port]        = authp.to_i if authp
    hsh[:acct_port]        = acctp.to_i if acctp
    hsh[:timeout]          = tout.to_i  if tout
    hsh[:retransmit_count] = tries.to_i if tries
    hsh[:deadtime]         = dead.to_i  if dead
    hsh[:key_format]       = keyfm.to_i if keyfm
    hsh[:key]              = key        if key
    hsh
  end
end
set_global_key(opts = {}) click to toggle source

set_global_key configures the radius default key. This method maps to the ‘radius-server key` EOS configuration command, e.g. `radius-server key 7 070E234F1F5B4A`.

@option opts [String] :key (‘070E234F1F5B4A’) The key value

@option opts [Fixnum] :key_format (7) The key format, 0 for plaintext

and 7 for a hashed value.  7 will be assumed if this option is not
provided.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 322
def set_global_key(opts = {})
  format = opts[:key_format] || 7
  key = opts[:key]
  fail ArgumentError, 'key option is required' unless key
  result = api.config("radius-server key #{format} #{key}")
  result == [{}]
end
set_retransmit_count(opts = {}) click to toggle source

set_retransmit_count configures the radius default retransmit count. This method maps to the ‘radius-server retransmit` configuration command.

@option opts [Fixnum] :retransmit_count (4) The number of times to

retry an unresponsive server after the first timeout period.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 358
def set_retransmit_count(opts = {})
  retransmit_count = opts[:retransmit_count]
  fail ArgumentError,
    'retransmit_count option is required' unless retransmit_count
  result = api.config("radius-server retransmit #{retransmit_count}")
  result == [{}]
end
set_timeout(opts = {}) click to toggle source

set_timeout configures the radius default timeout. This method maps to the ‘radius-server timeout` setting.

@option opts [Fixnum] :timeout (50) The timeout in seconds to

configure.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 340
def set_timeout(opts = {})
  timeout = opts[:timeout]
  fail ArgumentError, 'timeout option is required' unless timeout
  result = api.config("radius-server timeout #{timeout}")
  result == [{}]
end
update_server(opts = {}) click to toggle source

update_server configures a radius server resource on the target device. This API method maps to the ‘radius server host` command, e.g. `radius-server host 10.11.12.13 auth-port 1024 acct-port 2048 timeout 30 retransmit 5 key 7 011204070A5955`

@api public

@return [Boolean] true if there are no errors

# File lib/puppet_x/eos/modules/radius.rb, line 197
def update_server(opts = {})
  retransmit = opts[:retransmit_count]
  key_format = opts[:key_format] || 7
  cmd = "radius-server host #{opts[:hostname]}"
  cmd << " auth-port #{opts[:auth_port]}"   if opts[:auth_port]
  cmd << " acct-port #{opts[:acct_port]}"   if opts[:acct_port]
  cmd << " timeout #{opts[:timeout]}"       if opts[:timeout]
  cmd << " deadtime #{opts[:deadtime]}"     if opts[:deadtime]
  cmd << " retransmit #{retransmit}"        if retransmit
  cmd << " key #{key_format} #{opts[:key]}" if opts[:key]
  result = api.config(cmd)
  result == [{}]
end
update_server_group(opts = {}) click to toggle source

update_server_group updates a radius server group given an Array of server attributes and the name of the server group. The update happens by first deleting the existing group if it exists then creating it again with all of the specified servers.

@param [String] name The name of the server group to update

@param [Array<Hash<Symbol,Object>>] servers The array of servers to

associate with the server group.  This hash should have at least the
:hostname key.

@api public

@return [Boolean] true if no errors

# File lib/puppet_x/eos/modules/radius.rb, line 159
def update_server_group(opts = {})
  cmd = "aaa group server radius #{opts[:name]}"
  api.config("no #{cmd}")
  cmds = [cmd]
  opts[:servers].each do |hsh|
    server = "server #{hsh[:hostname]}"
    server << " auth-port #{hsh[:auth_port] || DEFAULT_AUTH_PORT}"
    server << " acct-port #{hsh[:acct_port] || DEFAULT_ACCT_PORT}"
    cmds << server
  end
  result = api.config(cmds)
  !result.find { |r| r != {} }
end

Private Instance Methods

parse_global_key(config) click to toggle source

parse_global_key takes a running configuration as a string and parses out the radius global key and global key format if it exists in the configuration. An empty Hash is returned if there is no global key configured. The intent of the Hash is to be merged into a property hash.

@param [String] config The running configuration as a single string.

@api private

@return [Hash<Symbol,Object>] resource hash attributes

# File lib/puppet_x/eos/modules/radius.rb, line 257
def parse_global_key(config)
  rsrc_hsh = {}
  (key_format, key) = config.scan(/radius-server key (\d+) (\w+)/).first
  rsrc_hsh[:key_format] = key_format.to_i if key_format
  rsrc_hsh[:key] = key if key
  rsrc_hsh
end
parse_global_retransmit(config) click to toggle source

parse_global_retransmit takes a running configuration as a string and parses out the radius global retransmit count value if it exists in the configuration. An empty Hash is returned if there is no global timeout value configured. The intent of the Hash is to be merged into a property hash.

@param [String] config The running configuration as a single string.

@api private

@return [Hash<Symbol,Object>] resource hash attributes

# File lib/puppet_x/eos/modules/radius.rb, line 299
def parse_global_retransmit(config)
  rsrc_hsh = {}
  count = config.scan(/radius-server retransmit (\d+)/).first
  # EOS default is 3 (does not show up in the running config)
  rsrc_hsh[:retransmit_count] = count.first.to_i if count
  rsrc_hsh
end
parse_global_timeout(config) click to toggle source

parse_global_timeout takes a running configuration as a string and parses out the radius global timeout if it exists in the configuration. An empty Hash is returned if there is no global timeout value configured. The intent of the Hash is to be merged into a property hash.

@param [String] config The running configuration as a single string.

@api private

@return [Hash<Symbol,Object>] resource hash attributes

# File lib/puppet_x/eos/modules/radius.rb, line 278
def parse_global_timeout(config)
  rsrc_hsh = {}
  timeout = config.scan(/radius-server timeout (\d+)/).first
  # EOS default is 5 (does not show up in the running config)
  rsrc_hsh[:timeout] = timeout.first.to_i if timeout
  rsrc_hsh
end
radius_global_defaults() click to toggle source

radius_global_defaults returns the default values for the radius_global resource. This is in a single method to keep the information in one place. If a value is explicitly configured to be the same as a default value it will not show up in the running configuration and as a result will not be parsed out by the parse instance methods. This method exposes the default values.

@return [Array<Hash>] Single element Array of resource hashes

# File lib/puppet_x/eos/modules/radius.rb, line 235
def radius_global_defaults
  {
    name: 'settings',
    enable: true,
    timeout: 5,
    retransmit_count: 3
  }
end