Skillet from Panorama Backup

Reply
Highlighted
L1 Bithead

Skillet from Panorama Backup

I am new to Skillets, but have Panhandler/Docker installed and seemingly working. I have environments(panorama+ngfw) that are cookie cutter, except for environmental specifics, hostnames, IP's, etc. I want to import a backup xml from Panorama to use as a template(Skillet), change the variables, save and re-import into a new panorama instance. I have not figured out how to do this....do I need to host the backup xml's in a GIT repo, or can i simply import them?

Highlighted
L4 Transporter

There are a few options if you just want a full xml output to import/load to the firewall.

 

I'll reference https://skilletbuilder.readthedocs.io/en/latest/ with more information about building skillets.

 

1) archive repo so you can have a backup and share

 

This is the standard model. In the next version of panHandler now in development you'll also be able to read/update private repos if you don't want your work in the public domain. The config tutorial in the skilletBuilder docs covers most of the work.

 

- output the full xml file and store in the same directory as the .meta-cnc.yaml file

- use type 'template' which is just rendered text output to screen doing the variable swap

- add the variables to the xml file and the variables section of the yaml file

- push to github and import

- run the skillet, input values, and see the output on screen to capture and load to the firewall

 

2) use the new skillet editor features in panHander (now in development)

For an early peek you can install the dev version of panhandler noting it isn't as stable as code for general release.

https://skilletbuilder.readthedocs.io/en/latest/getting_started/panhandler.html#updating-or-running-...

(more docs/tutorials for this model coming soon...)

 

- either import an empty github repo as a starting point or for temp work use an existing repo

- Under Skillet Repositories > Details you'll see the ability to Create a Skillet. This is local to panHandler

- choose type Template, follow the forms, and paste in the XML file

- in the XML file use jinja notation {{ variable }} to place variables

- the editor will find these variables and auto-populate the variables section

- you can save and play the skillet without pushing to github [unless your own repo and you want to push upstream]

 

One of these should work based on your longer term need

 

 

 

Highlighted
L1 Bithead

Thanks....the issue we have been fighting through is all our Repo's require authentication, and we havent been able to get it to work yet. 

Highlighted
L1 Bithead

Using the Beta version....where and how do you enter credentials?  

Highlighted
L4 Transporter

The login for the dev version of panHandler is the same as the master version. Shouldn't be any changes. 

 

Also coming soon with early views in the dev version you can use SSH clone urls. panHandler will generate a local ssh key you can add to your account. This will enable access to private repos where auth required. Still no support for https clones and a password input field.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!