Hurray! The first winter release! Also, it is the last release in the waning 2023 (except for any possible hotfixes).

Library updates

Textual is updated to 0.44.1. They promise some noticeable performance changes! So, I advise everyone to update.

Netmiko and some of its dependencies have gone. Thymus requires AsyncSSH with bcrypt and telnetlib3 now. More below.

Thymus requires Thymus AST at least 0.1.6 version. More below.

Lots of other libs are updated to the latest versions.

Thymus AST and IOS improvements

I updated Thymus-AST to the version 0.1.6. This version includes three enhancements. Let’s start with the smallest one. Thymus supports at least two versions of UTF-8 encoded files: plain UTF-8 and UTF-8 with BOM. The latter uses a special symbol at the beginning of files \ufeff. When Thymus opens any config as a BOM-encoded file, the standard library (its open call) automatically strips the symbol, and everything is fine. When the same file is opened as a plain UTF-encoded, the symbol persists there. In general, it does not pose any problem, but sometimes, especially for IOS-likes platforms, a config can begin with a comment line. In this case, Thymus starts considering the comment line as a normal config statement, which is not the way I’ve ever planned. So, I made some safeguard code that checks every line for the BOM symbol and strips it.

What’s next? I’ve noticed that in some cases IOS can add meaningless lines at the beginning of a file. For example, there can be “Building configuration…” or “Current configuration…” lines. Before this release, Thymus AST parsed them as stub elements of a root node. That wasn’t good at all. To solve this I decided to ignore all lines, preceding the “version” keyword, which is a part of every IOS-like config. Now, if a config does not contain the “version” somewhere in the beginning, it won’t be parsed.

And it creates an issue for Arista’s EOS. It looks like they don’t add “version” in config files. I didn’t want to create a new settings key (like promiscuous mode) for EOS, so I intentionally made some hack that inserts a fake “version” line before parsing and changes it with “!” after. I think that EOS doesn’t like to add some extra lines to a config header without the “!”, that’s why I decided to produce this workaround and monitor the situation. Maybe later I will have to change the logic again.

Last but not least. IOS-like platforms have a special type of stub statement: a multiline one. This statement contains two encounters of a special boundary symbol ^C. Between its encounters, all lines belong to the same stub statement. One can already guess Thymus AST considered such lines as standalone stubs. Let me give you an example.

In the picture, a number at the beginning of each line depicts an index of a stub. I had to deal with this issue and alter parsing accordingly. Now, Thymus AST accumulates lines between two ^C and corresponds them to the first line where the first ^C of a pair lives. Anyway, when you use the show command in Thymus, it shows you these lines separately, just like in a configuration, but any sub-commands (e.g., show | stubs | include ) yield all these lines together now.

Farewell Netmiko!

Finally, I found some energy to deal with my network loader module! Previously, I’ve told why Netmiko was not so good choice for my application. I’ve never meant that Netmiko is bad or something! This is an amazing tool, but I wanted something more lightweight, and I’ve made it! It is async-full and requires no threading. The original network loader was a wrapper around Netmiko, and I used a thread to work it concurrently with Thymus. Because of async now I can skip coping with threading on my own and leave it to Textual, which does it way better under the hood.

Netmiko dragged some useless (in my case) libraries. All of them were thrown away. To support my current code Thymus requires AsyncSSH and telnetlib3 libraries. The former also can be united with the bcrypt library which allows decrypting local SSH keys.

Speaking about SSH keys. In release 0.1.6 one can use SSH keys only when they were stored in a local SSH agent. An alternative option was password-based authentication. From 0.1.7 it is possible to use local-stored SSH keys that aren’t included in the SSH agent. A user does not have to specify a path to a key explicitly, Thymus searches for all possible keys automatically. Two options can be selected by a new control next to the selection between Telnet and SSH. For the password mode, Thymus still tries to connect to a local SSH agent and retrieve keys, but if it fails it will use a user and password pair. Otherwise, for the key-searching mode, it again tries the agent, but as a fallback, it searches inside ~/.ssh and ~/ssh folders for any keys whose names start with id_ and contain key type (rsa, ecdsa, etc.). For this mode, the field of password becomes the passphrase field to decrypt the key. AsyncSSH tries the strongest algorithms first. It will use the passphrase with each key starting from the strongest ones.

The code of the current network module is based on the general attitude and logic of the Netdev project (http://netdev.readthedocs.io/). Netdev is written by Sergey Yakovlev (selfuryon at gmail.com). Sergey has ceased the support of Netdev. The code from Netdev wasn’t copied as is and the Thymus module was written from scratch with an eye on the Netdev code, but I think it is important to thank Sergey for his outstanding work. Many platforms, parts of the Netdev code, and so on were skipped here because for now, I consider them redundant for my little goals. The main goal of this code is to allow Thymus to fetch config from a remote node. All other interaction with the node is out of scope. I also added Telnet support from scratch.

To be honest, I expect some issues with my code, but I’m glad I’ve stepped this way.

Minor fixes

Arista EOS hasn’t been tested well because I expected that it was all the same as for IOS. I’ve stumbled upon the broken set command with some keys (e.g., base heuristics). I think it is time for unit tests because I’m tired of going in a circle of the same problems.

Because of recent changes in the settings module the global show gave default settings in every case.

I’ve also improved the stability of Thymus and made some refactoring, but it will be too boring to read about the details.

And screenshots! Yes, they are fixed now!

Stay tunatuned!