From e2899b55638101ddf97aeab919a9f064daf05451 Mon Sep 17 00:00:00 2001 From: Saku Ytti Date: Sat, 4 Feb 2017 11:49:31 +0200 Subject: give option to stop resolving name to IP With ssh proxy you might want to have far-end resolve --- lib/oxidized/config.rb | 1 + lib/oxidized/node.rb | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb index b6b5c40..c97fa2f 100644 --- a/lib/oxidized/config.rb +++ b/lib/oxidized/config.rb @@ -20,6 +20,7 @@ module Oxidized asetus.default.username = 'username' asetus.default.password = 'password' asetus.default.model = 'junos' + asetus.deefault.resolve_dns = true # if false, don't resolve DNS to IP asetus.default.interval = 3600 asetus.default.use_syslog = false asetus.default.debug = false diff --git a/lib/oxidized/node.rb b/lib/oxidized/node.rb index 6f89b56..7201a73 100644 --- a/lib/oxidized/node.rb +++ b/lib/oxidized/node.rb @@ -14,7 +14,8 @@ module Oxidized ip_addr, _ = opt[:ip].to_s.split("/") Oxidized.logger.debug 'IPADDR %s' % ip_addr.to_s @name = opt[:name] - @ip = IPAddr.new(ip_addr).to_s rescue nil + @ip = @name unless Oxidized.config.resolve_dns? + @ip ||= IPAddr.new(ip_addr).to_s rescue nil @ip ||= Resolv.new.getaddress @name @group = opt[:group] @input = resolve_input opt -- cgit v1.2.3 From 50b3bc843d115351d109399a9ef453e3790b01fd Mon Sep 17 00:00:00 2001 From: Saku Ytti Date: Sat, 4 Feb 2017 12:00:03 +0200 Subject: typo fix --- lib/oxidized/config.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb index c97fa2f..a92cea6 100644 --- a/lib/oxidized/config.rb +++ b/lib/oxidized/config.rb @@ -20,7 +20,7 @@ module Oxidized asetus.default.username = 'username' asetus.default.password = 'password' asetus.default.model = 'junos' - asetus.deefault.resolve_dns = true # if false, don't resolve DNS to IP + asetus.default.resolve_dns = true # if false, don't resolve DNS to IP asetus.default.interval = 3600 asetus.default.use_syslog = false asetus.default.debug = false -- cgit v1.2.3 From 73175e95c253471f7f06dee04f88e76c77204e6c Mon Sep 17 00:00:00 2001 From: Wild Kat Date: Fri, 27 Apr 2018 19:07:31 +0200 Subject: add docs and tests for resolve_dns --- docs/Configuration.md | 10 ++++++++++ lib/oxidized/config.rb | 2 +- spec/input/ssh_spec.rb | 49 +++++++++++++++++++++++++++++++++++++++++-------- 3 files changed, 52 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/docs/Configuration.md b/docs/Configuration.md index 1d16c91..aea5e3c 100644 --- a/docs/Configuration.md +++ b/docs/Configuration.md @@ -214,3 +214,13 @@ next_adds_job: true ``` This will allow for a more timely fetch of the device configuration. + +## Disabling DNS resolution + +In some instances it might not be desirable to attempt to resolve names of nodes. One such use case is when nodes are accessed through an SSH proxy, where the remote end resolves the names differently than the host on which Oxidized runs would. + +Names can instead be passed verbatim to the input: + +```yaml +resolve_dns: false +``` diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb index 0a8fdfd..36d9d73 100644 --- a/lib/oxidized/config.rb +++ b/lib/oxidized/config.rb @@ -20,7 +20,7 @@ module Oxidized asetus.default.username = 'username' asetus.default.password = 'password' asetus.default.model = 'junos' - asetus.default.resolve_dns = true # if false, don't resolve DNS to IP + asetus.default.resolve_dns = true # if false, don't resolve DNS to IP asetus.default.interval = 3600 asetus.default.use_syslog = false asetus.default.debug = false diff --git a/spec/input/ssh_spec.rb b/spec/input/ssh_spec.rb index 3c33cd8..0a3bd8d 100644 --- a/spec/input/ssh_spec.rb +++ b/spec/input/ssh_spec.rb @@ -8,17 +8,19 @@ describe Oxidized::SSH do Oxidized::Node.any_instance.stubs(:resolve_repo) Oxidized::Node.any_instance.stubs(:resolve_input) Oxidized::Node.any_instance.stubs(:resolve_output) - @node = Oxidized::Node.new(name: 'example.com', - input: 'ssh', - output: 'git', - model: 'junos', - username: 'alma', - password: 'armud', - vars: { ssh_proxy: 'test.com' }) end describe "#connect" do - it "should use proxy command when proxy host given" do + it "should use proxy command when proxy host given and connect by ip if resolve_dns is true" do + Oxidized.config.resolve_dns = true + @node = Oxidized::Node.new(name: 'example.com', + input: 'ssh', + output: 'git', + model: 'junos', + username: 'alma', + password: 'armud', + vars: { ssh_proxy: 'test.com' }) + ssh = Oxidized::SSH.new model = mock @@ -39,5 +41,36 @@ describe Oxidized::SSH do ssh.instance_variable_set("@exec", true) ssh.connect(@node) end + + it "should use proxy command when proxy host given and connect by name if resolve_dns is false" do + Oxidized.config.resolve_dns = false + @node = Oxidized::Node.new(name: 'example.com', + input: 'ssh', + output: 'git', + model: 'junos', + username: 'alma', + password: 'armud', + vars: { ssh_proxy: 'test.com' }) + + ssh = Oxidized::SSH.new + + model = mock + model.expects(:cfg).returns('ssh' => []) + @node.expects(:model).returns(model).at_least_once + + proxy = mock + Net::SSH::Proxy::Command.expects(:new).with("ssh test.com -W %h:%p").returns(proxy) + Net::SSH.expects(:start).with('example.com', 'alma', port: 22, + timeout: Oxidized.config.timeout, + paranoid: Oxidized.config.input.ssh.secure, + keepalive: true, + proxy: proxy, + password: 'armud', + number_of_password_prompts: 0, + auth_methods: %w[none publickey password]) + + ssh.instance_variable_set("@exec", true) + ssh.connect(@node) + end end end -- cgit v1.2.3