- A Use Case for Network Automation
Use the Python
I frequently find myself in the position of confronting "hostile" networks.
I describe the tools I've found useful to recover control, audit, document and automate these networks
control
audit
document
automate
SNMP could provide a lot the information I need, but it would have to
the mass enablement of SNMP could be one of the first use cases for the network automation tools
Why
I discovered the
It enabled me to log in to hosts and gather the output of commands, such as
A Few Words of Caution
Mass
Configuration backup strategy: this ideally would include a versioning feature, so you can roll back to a specific "known good" point in time. Check out the RANCID package
Out-of-band network
A strategy for testing: for example, have a dedicated pool of representative equipment permanently set aside for testing and proof of concepts. When rolling out a change on a production network, first verify the automation on a few devices before trying to do hundreds at once.
Using
several standalone scripts called
netmiko-cfg
Apply snippets of configurations to one or more devices.
Mass changes could include DNS servers, NTP servers, SNMP community strings or
You still will need to verify that the commands you're sending are appropriate for the vendor and OS combinations of the target devices, as
As I was dealing with hundreds of devices, I didn't want to create the YAML-formatted inventory file by hand. Instead, I started with a simple list of devices and the corresponding
I then used standard Linux commands to create the YAML inventory file:
I'm using a centralized authentication system, so the
Once you've created this inventory, you can use the
https://www.linuxjournal.com/content/use-case-network-automation
- Netmiko
Multi-vendor library to simplify
https://github.com/ktbyers/netmiko
- What is eNMS
Configuration Management Service: Commit / Rollback of a configuration with Napalm or
Ansible Service: Sending and managing Ansible playbooks.
ReST Service: Sending a ReST call (GET/POST/UPDATE/DELETE) with variable URL and payload.
Custom Services:
Workflows: Services can
Scheduling:
Event-driven automation: Services and workflows can be triggered by an external event (ReST call or
https://enms.readthedocs.io/en/latest/base/introduction.html
- Oxidized
Running with Docker
build the container locally (requires docker 17.05.0-ce or higher):
https://github.com/ytti/oxidized
- RANCID is a config differ
If you had it installed RANCID could have told you exactly what configuration the technicians changed. Aside from showing you what changed during last night RANCID shows you all the changes since it. .was introduced
So if you
Having all your configurations stored on the RANCID server also works as a backup.
Though great for collecting device configurations you can also use RANCID to get specific information from your devices by sending a command to several nodes, such as “show
Our test network
For the purpose of testing let’s say you are installing RANCID in a network where you have a headquarter and four branch offices. In the headquarter there is one router, one distributions switch, three access switches and six stand-alone access-points. In each of the branch offices you have one router, one access-switch and two access-points. You want to use RANCID to handle
Now you have a system you can use to collect information from your devices and it will act as a backup and you will see changes.
https://networklore.com/rancid-getting-started/
- Network Automation with Python
we have been using RANCID [
RANCID quickly showed us its limitations, and
that’s not a big surprise since
The fact is that RANCID
These include its emulating the slow and random typing rate of a human so as not to “overload” the system’s CPU, storing configurations in a centralized and outdated file version management system (CVS), concentrating run commands
One open-source alternative
it aims to correct several of RANCID’s restrictions.
Oxidized stores configurations in databases to facilitate scaling, integrates its own monitor for scheduling, and is open to other file versioning systems, such as Git.
Another benefit is that Python 3 handles
https://blog.intercloud.com/network-automation-with-python
- How to remotely monitor hosts over Telnet and SSH [Tutorial]
the Telnet module
SSH using different modules in Python.
You will also learn about how telnetlib, subprocess, fabric, Netmiko, and paramiko modules work.
how to apply these patterns and build working software on top of a serverless system.
The telnetlib() module
Telnet is a network protocol that allows a user to communicate with remote servers. It is mostly used by network administrators to remotely access and manage devices.
Python has the telnetlib module to perform Telnet functions through Python scripts
you will learn to do SSH by using different modules in Python, such as subprocess, fabric, Netmiko, and Paramiko.
The subprocess.Popen() module
SSH using fabric module
Fabric is a Python library as well as a command-line tool for the use of SSH. It is used for system administration and application deployment over the network. We can also execute shell commands over SSH.
SSH using the Paramiko library
Paramiko is a library that implements the SSHv2 protocol for secure connections to remote devices.
we created a few virtual LANs on a remote device
SSH using the Netmiko library
https://hub.packtpub.com/how-to-remotely-monitor-hosts-over-telnet-and-ssh-tutorial/