UCSD Custom Enhanced SSH (Credential Policy)

Version 5
    Task NameCustom SSH
    Description

    Custom SSH with enhancements

    Prerequisites
    1. Tested on 5.1
    2. Tested on 6.0.1.0
    CategoryWorkflow
    Components
    User Inputs
    1. Account Name
    2. IP address
    3. Commands to exectue
    4. Undo Commands
    Output
    1. SSH_STDOUT
    2. SSH_STDERR
    3. SSH_EXITCODE

     

    1  Custom SSH Task

    1.1 Introduction

    The OOTB SSH command execution custom task have some limitations that made the real usage almost impossible. To avoid this limitations the following Custom SSH task has been created.

    1.2  OOTB SSH Limitations

    1.2.1  IP Address and Hostname

    An IP address is mandatory due Input type. Most of the time the customer are askin to use an IP or a Hostname. The custom task allows that.

    1.2.2  Credentials

    The username and password has to be entered on the SSH, with the Custom SSH it takes the credentials from the Credentials Policy, this make easier the maintenance and usage of the flows, because most of the time the Customer changes the admin credentials for security reasons. This Custom SSH uses the credentials from the policy, if the  credentials are changed there is no need to change the credentials on the workflows.

    1.2.3  Finish execution of each command

    The OOTB SSH does not wait for each command to be finished, it launch the command and finish without result waiting. This Custom SSH will wait for the finish of each command.

     

    1.2.4  STDOUT and STDERR

    The custom SSH will get all the STDOUT and STDERR from all the commands executed on the SSH.

     

    1.2.5  Highest Return Code

    The custom SSH will return the highest return code of all commands, so you will be able to check if the execution was successful or not.

    1.2.6  Rollback

    The custom SSH includes an option for the rollback, using the same features explained above.


    1.3  Usage

    1.3.1  Import the custom task using the portal

    First import the custom tasks from the portal using the standard procedure:

    1. Extract the file on the Appendix A to your local computer
    2. Log in into the UCSD portal
    3. Go to Policies --> Orchestration

      

     

    1. Select Import
    2. Select the file extracted from the document and click Upload
    3. Click OK
    4. Check that the custom task is selected
    5. Click Import

     

    1. After finishing the import go to Custom Workflows Tasks tab



    2. Check the existence of the Custom SSH Task.


    1.3.2  Using Custom Task

    To be able to execute the task the following inputs has to be filled.

     

    The Undo Commands are optional, so if you don’t enter undo commands then the task will not generate any rollback task.

    Task Inputs

    Input

    Description

    Mappable To Type

    Mandatory

    Account Name

    gen_text_input

    Y

    IP Address

    gen_text_input

    Y

    Commands to execute

    gen_text_input

    Y

    Undo Commands

    gen_text_input

     

    The Account Name Input has to match the Credential Name for the credential Policy.

    To create a credential policy:

    1. Go to  Policies > Physical Infrastructure Policies > Credential Policies

    1. Click on Add


    2. Enter the information for the Credentials



    • The Policy Name should match the Account Name on the task Input.
    1. Click  Submit
    2. The Custom Task Flow will use the Username, Password and Port for the connection.

    Task Outputs

    Output

    Description

    Type

    SSH_STDOUT

    SSH_STDOUT

    gen_text_input

    SSH_STDERR

    SSH_STDERR

    gen_text_input

    SSH_EXITCODE

    SSH_EXITCODE

    gen_text_input

     

     

    Just tested and created new workflow on UCSD 6.0.1.0:

     

    Used a Nexus Cred policy

    Screen Shot 2017-01-18 at 10.17.31 AM.png

     

    Did not change the original task.