MÓDULO CLI.Art¶
SSH/TELNET orchestration via Ansible playbooks + custom engine.
Function¶
Drives interactive shell commands on NGFWs + switches + servers via OOBI. SSH preferred; TELNET supported for legacy gear.
Identity¶
| Element | Value |
|---|---|
| Plane | MGMT-light (cloud-portable) |
| Internal code | ansible-orchestrator + custom TS engine over ssh2 |
| K8s namespace | web-agents |
| OOBI slot | within MGMT-light block |
Supported vendors (7 profiles)¶
| Vendor | Prompt regex + 7 canonical commands |
|---|---|
| Cisco IOS-XE | enable mode + configure terminal |
| Cisco NX-OS | enable mode + VRF-aware show ip route |
| Cisco FTD (FDM) | enable mode + show bgp summary |
| Fortinet FortiOS | single-stage prompt, no enable mode |
| Palo Alto PAN-OS | user@device> + configure |
| Juniper Junos | edit/exit mode |
| VyOS | bash-style prompt + configure mode |
Operator controls¶
/admin/ssh— register session, run command sequence- Read-only by default; write-mode unlock window (5 min default)
- Per-host vault credentials (SSH key / password / fingerprint)
Key telemetry¶
ssh_sessions_active_total— concurrent sessionsssh_command_executions_total{vendor, op}— per-vendor callsssh_audit_records_total— every keystroke captured
Notes¶
7 default Ansible playbook templates ship with the bench (per SSH-9). Per-host concurrency limit default 2 (per SSH-8).
Related¶
- SSH/TELNET primer
- API INFRA.Art — REST sister
- RELAY.Art — production proxy