Command Selection and CLI
Command selection guide
Section titled “Command selection guide”| Need | Recommended command | Notes |
|---|---|---|
| Execute one command immediately | rauto exec | Best for fast checks and troubleshooting |
| Render and execute a stored template | rauto template | Best for reusable command logic |
| Drive interactive prompt/response flows | rauto flow | Best for wizard-like CLI operations |
| Upload a local file over SFTP | rauto upload | Requires the target to expose an sftp subsystem |
| Run a rollback-aware transaction block | rauto tx | Best for a single target and one compact transaction unit |
| Execute a transaction workflow JSON | rauto tx-workflow | Best for multi-block change workflows |
| Execute a multi-device plan | rauto orchestrate | Best for staged serial or parallel delivery |
| Open the local console | rauto web | Best for self-managed visual operations |
| Start a managed execution node | rauto agent | Best when connecting to rauto-manager |
Shared connection parameters
Section titled “Shared connection parameters”Most execution commands share the same global connection parameters:
| Parameter | Description |
|---|---|
--host | Device hostname or IP |
--username | SSH username |
--password | SSH password |
--enable-password | Privileged mode password |
--ssh-port | SSH port |
--ssh-security | Compatibility profile: secure, balanced, or legacy-compatible |
--linux-shell-flavor | Linux shell exit-code parsing mode: posix or fish |
--device-profile | Target device profile, default is linux |
--connection | Reference a saved connection by name |
--save-connection | Save the effective connection after success |
--save-password | Save password fields together with --save-connection |
Common examples
Section titled “Common examples”rauto exec "show ip int br" \ --host 192.168.1.1 \ --username admin \ --password secret \ --device-profile ciscoIf you need a specific execution mode:
rauto exec "show bgp neighbor" --connection core-sw-01 --mode Enabletemplate
Section titled “template”rauto template configure_vlan.j2 \ --vars ./vars.json \ --connection core-sw-01To render without executing:
rauto template configure_vlan.j2 --vars ./vars.json --dry-runrauto flow \ --template cisco_like_copy \ --vars-json '{"command":"copy scp: flash:/new.bin","server_addr":"192.168.1.50","remote_path":"/images/new.bin","transfer_username":"backup","transfer_password":"secret"}' \ --connection core-01upload
Section titled “upload”rauto upload \ --local-path ./daemon.conf \ --remote-path /tmp/daemon.conf \ --connection linux-jump-01Recording and replay
Section titled “Recording and replay”Execution commands generally support recording:
rauto exec "show version" \ --connection core-sw-01 \ --record-file ./recording.jsonl \ --record-level key-events-onlyTo inspect a recording, you can first list entries:
rauto replay ./recording.jsonl --listYou can also replay a specific command:
rauto replay ./recording.jsonl --command "show version" --mode EnableRecommended connection workflow
Section titled “Recommended connection workflow”Ad-hoc phase
Section titled “Ad-hoc phase”Start by passing --host, --username, and --password directly.
Repetitive execution phase
Section titled “Repetitive execution phase”Move to saved connections:
rauto connection add edge-01 \ --host 192.168.1.11 \ --username admin \ --device-profile huaweiThen reuse it consistently:
rauto exec "display version" --connection edge-01Multi-device phase
Section titled “Multi-device phase”Using saved connections together with inventory group, tx-workflow, and orchestrate is more stable than hand-writing connection flags everywhere.
Full management command families
Section titled “Full management command families”The current CLI source defines a broader management surface than the quick selection table alone suggests.
rauto device
Section titled “rauto device”Current subcommands from source:
listshow <name>delete-custom <name>copy-builtin <source> <name> [--overwrite]diagnose <name> [--json]
rauto connection
Section titled “rauto connection”Current subcommands from source:
testlistshow <name>delete <name>add <name>import <file> [--json]
rauto inventory
Section titled “rauto inventory”Current inventory operations:
group list [--json]group show <name> [--json]group upsert <name> [--file <path> | --content <json>]group delete <name>resolve-vars [--host <saved-connection>] [--group <name>] [--vars-file <path>] [--vars-json <json>] [--json]
rauto history
Section titled “rauto history”Current subcommands:
list <connection-name> [--limit <n>] [--json]show <connection-name> <id> [--json]delete <connection-name> <id>
rauto blacklist
Section titled “rauto blacklist”Current subcommands:
listadd <pattern>delete <pattern>check <command>
rauto templates
Section titled “rauto templates”Current subcommands:
listshow <name>create <name> [--file <path> | --content <template>]update <name> [--file <path> | --content <template>]delete <name>
rauto flow-template
Section titled “rauto flow-template”Current subcommands:
listshow <name>create <name> [--file <path> | --content <toml>]update <name> [--file <path> | --content <toml>]delete <name>
rauto backup
Section titled “rauto backup”Current subcommands:
create [--output <archive>]restore <archive> [--replace]list
Other useful management commands
Section titled “Other useful management commands”rauto device listrauto device show <name>rauto templates listrauto flow-template listrauto connection listrauto history list <connection-name>rauto blacklist listrauto backup list
Recording and replay details
Section titled “Recording and replay details”The source code and README together make it clear that recording is a first-class capability rather than a secondary debugging feature.
Recording-related options currently include:
exec/template/flow/upload/tx/tx-workflow --record-file <path>exec/template/flow/upload/tx/tx-workflow --record-level <key-events-only|full>replay <record_file> --listreplay <record_file> --command <cmd> [--mode <mode>]
Operational notes from the current README:
- replayed
SessionEvent::CommandOutputentries may includeexit_codefor Linux shell flows key-events-onlyis the minimum audit-friendly levelfullcaptures richer prompt and state-transition detail
Operational guidance
Section titled “Operational guidance”Use command families, not isolated commands
Section titled “Use command families, not isolated commands”In enterprise usage, rauto is best treated as a command family rather than a single execution command.
A typical operator path often looks like:
connection addto normalize targetsdevice showordevice diagnoseto validate profile behaviortemplateorflowfor repeatable task executiontx/tx-workflow/orchestratefor governed change deliveryhistory,replay, and backups for audit and recovery
If you already know you need reusable execution logic, continue with Templates and Command Flows.