Scribd
Upload
101 views32 pages

Automating Ip Networks With Python v2

Uploaded by

LAngel Reyes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
101 views32 pages

Automating Ip Networks With Python v2

Uploaded by

LAngel Reyes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 32

Automating IP networks

with Python
Tomás Lynch
LACNOG 2019
What would you choose?

Life with or without automation?


© Vultr 2019 LACNOC2019 - Automation - Lynch 2
Actually...

Life without automation Life with automation


© Vultr 2019 LACNOC2019 - Automation - Lynch 3
Standardization before automation
Automation is useless without standardized configuration

Naming convention, same OS version, etc. are automation fundamental pieces

Automation relies on regular expressions

Example: add a prefix list to all edge routers:

router.edge1.ar, router.edge1.br, router.edge1.co


vs.
diego10.gimnasia, router-garrincha, co5ar0_edge

© Vultr 2019 LACNOC2019 - Automation - Lynch 4


Automation and
Python

© Vultr 2019 LACNOC2019 - Automation - Lynch 5


Python network element packages
ncclient
● Juniper, Cisco CSR, Cisco Nexus, Huawei, Alcatel Lucent, H3C, HP
● netconf only

PyEZ
● Juniper

netmiko
● Arista, Cisco IOS, Juniper, MikroTik, among others

And 6,594 projects more

© Vultr 2019 LACNOC2019 - Automation - Lynch 6


show lldp neighbors performance
PyEZ - predefined table netmiko - CLI
dev = Device( device = {
host=router, 'device_type': 'brocade',
user=uname, 'ip': router,
connect

password=pw 'username': uname,


) 'password': pw,
'port': port,
'secret': enablepass
}

dev.open() ssh_connect=Netmiko(**device)
ssh_connect.enable()
command

ssh_connect.send_command('skip-page-display')
router_lldp = LLDPNeighborTable(dev)
lldp_neighbors = router_lldp.get() lldp_neighbors =
ssh_connect.send_command('show lldp neighbors
detail')
dis

dev.close() ssh_connect.disconnect()

© Vultr 2019 LACNOC2019 - Automation - Lynch 7


Package performance
PyEZ netmiko (ssh)

Predefined operational table Command-line interface

10 routers 10 routers

15 seconds 1 minute 38 seconds

Output: lldp_neighbors Output: lldp_neighbors

Dictionary Plain text

Ready to use! More processing

© Vultr 2019 LACNOC2019 - Automation - Lynch 8


Automation and
Python in use

© Vultr 2019 LACNOC2019 - Automation - Lynch 9


The network
Internet
Cloud servers, bare metal, and storage

16 worldwide locations
Edge Edge
router router
1 2
1600 network elements in Clos topology

Automation using puppet, python, etc.


Distribution 1 Distribution n

TOR 1 TOR 2 TOR 3 TOR m

VMs VMs VMs VMs

© Vultr 2019 LACNOC2019 - Automation - Lynch 10


Example 1: update_bgp_peer

bgpq3

13 Public Peering Exchange Points


17 Private Peering facilities
1100 peers aprox.

© Vultr 2019 LACNOC2019 - Automation - Lynch 11


Example 2: interface_description

© Vultr 2019 LACNOC2019 - Automation - Lynch 12


Other developed scripts for BGP
configure_customer_bgp

remove_customer_bgp

get_bgp_summary

update_transit_config

enable_sflow_everywhere

and many more for maintenance, server activation, etc.

© Vultr 2019 LACNOC2019 - Automation - Lynch 13


Conclusions,
recommendations,
and references

© Vultr 2019 LACNOC2019 - Automation - Lynch 14


Conclusions
Standardization is the most important step before automation

Automate repetitive and boring tasks

Peering information, standards verification, massive changes, etc.

Use complete commands: “show running-config” instead of “sh ru”

© Vultr 2019 LACNOC2019 - Automation - Lynch 15


Recommendations
Do not spend time in once in a lifetime scripts

Use your old friends: grep, awk, etc.

If no experience: start with non-disrupting commands

Use vendor specific packages if possible

Do not store passwords in scripts!

© Vultr 2019 LACNOC2019 - Automation - Lynch 16


References
Network automation – juni.pr/2YVgjVj

netmiko platforms – bit.ly/2Tf6Oeo

PyEZ – juni.pr/2YSmf1g

BGP summary using PyEZ – www.inetzero.com/pyez

bgpq3 – github.com/snar/bgpq3

Use of BGP for Routing in Large-Scale Data Centers – RFC7938

© Vultr 2019 LACNOC2019 - Automation - Lynch 17


Thank you!
Tomas Lynch

tlynch at vultr dot com

© Vultr 2019 LACNOC2019 - Automation - Lynch


Backup slides
Tomas Lynch

tlynch@vultr.com

© Vultr 2019 LACNOC2019 - Automation - Lynch


Automation

© Vultr 2019 LACNOC2019 - Automation - Lynch 20


What is network automation?
Process of automating:

configuration,

management,

testing,

deployment, and

operations

Also called network programmability


© Vultr 2019 LACNOC2019 - Automation - Lynch 21
Automation block diagram

Variables Script API Infrastructure

Device
name REST Router
ASN XML Switch
IP address JSON Server
Description NETCONF Etc.
Etc.

© Vultr 2019 LACNOC2019 - Automation - Lynch 22


Also monitoring?

Variables

Script API Infrastructure

© Vultr 2019 LACNOC2019 - Automation - Lynch 23


If it helps to make automated decisions

Variables

Script

API Infrastructure

Script

© Vultr 2019 LACNOC2019 - Automation - Lynch 24


Standardization

© Vultr 2019 LACNOC2019 - Automation - Lynch 25


Configuration standardization
Automation is useless without a configuration standard or naming convention

Automation relies on regular expressions:

^TRANSIT.* = all transit interfaces

.*PRIV_PEER = all private peers

.*(PUB|PRIV)_PEER = all peers

router.cisco.*\.pa = Cisco routers in Panamá

© Vultr 2019 LACNOC2019 - Automation - Lynch 26


Software version standardization
junos.version_info(major=(15, 1) junos.version_info(major=(18, 4)

{ {
'community': [{ 'community': [{
'name': { 'name': 'EXAMPLE_COMM',
'data': 'EXAMPLE_COMM' 'members': ['65536:1']
}, }]
'members': [{ }
'data': '65536:1'
}]
}]
}

© Vultr 2019 LACNOC2019 - Automation - Lynch 27


PyEZ warning

© Vultr 2019 LACNOC2019 - Automation - Lynch 28


Script
dev = Device(host=router, user=username, password=password)
dev.open()

cli = Config(dev, mode='private')

command = 'set interface et-0/0/0 description "A nice description"'

try:
cli.load(command, format='set')
except (ConfigLoadError, Exception) as err:
print ("Unable to load configuration changes: {0}".format(err))

© Vultr 2019 LACNOC2019 - Automation - Lynch 29


Output
Unable to load configuration changes:
ConfigLoadError(severity: error, bad_element: interface,
message: error: syntax error)

© Vultr 2019 LACNOC2019 - Automation - Lynch 30


The problem?

set interface != set interfaces

© Vultr 2019 LACNOC2019 - Automation - Lynch 31


Corrected script
dev = Device(host=router, user=username, password=password)
dev.open()

cli = Config(dev, mode='private')

command = 'set interfaces et-0/0/0 description "A nice description"'

try:
cli.load(command, format='set')
except (ConfigLoadError, Exception) as err:
print ("Unable to load configuration changes: {0}".format(err))

© Vultr 2019 LACNOC2019 - Automation - Lynch 32

You might also like