Scribd Logo
Upload

Welcome to Scribd!

  • 31 views

    Automating Ip Networks With Python v2

    Uploaded by

    LAngel Reyes

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Automating Ip Networks With Python v2

    Uploaded by

    LAngel Reyes
    31 views32 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    31 views32 pages

    Automating Ip Networks With Python v2

    Uploaded by

    LAngel Reyes

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 32

    Automating IP networks

    with Python
    Tomás Lynch
    LACNOG 2019
    What would you choose?

    Life with or without automation?


    © Vultr 2019 LACNOC2019 - Automation - Lynch 2
    Actually...

    Life without automation Life with automation


    © Vultr 2019 LACNOC2019 - Automation - Lynch 3
    Standardization before automation
    Automation is useless without standardized configuration

    Naming convention, same OS version, etc. are automation fundamental pieces

    Automation relies on regular expressions

    Example: add a prefix list to all edge routers:

    router.edge1.ar, router.edge1.br, router.edge1.co


    vs.
    diego10.gimnasia, router-garrincha, co5ar0_edge

    © Vultr 2019 LACNOC2019 - Automation - Lynch 4


    Automation and
    Python

    © Vultr 2019 LACNOC2019 - Automation - Lynch 5


    Python network element packages
    ncclient
    ● Juniper, Cisco CSR, Cisco Nexus, Huawei, Alcatel Lucent, H3C, HP
    ● netconf only

    PyEZ
    ● Juniper

    netmiko
    ● Arista, Cisco IOS, Juniper, MikroTik, among others

    And 6,594 projects more

    © Vultr 2019 LACNOC2019 - Automation - Lynch 6


    show lldp neighbors performance
    PyEZ - predefined table netmiko - CLI
    dev = Device( device = {
    host=router, 'device_type': 'brocade',
    user=uname, 'ip': router,
    connect

    password=pw 'username': uname,


    ) 'password': pw,
    'port': port,
    'secret': enablepass
    }

    dev.open() ssh_connect=Netmiko(**device)
    ssh_connect.enable()
    command

    ssh_connect.send_command('skip-page-display')
    router_lldp = LLDPNeighborTable(dev)
    lldp_neighbors = router_lldp.get() lldp_neighbors =
    ssh_connect.send_command('show lldp neighbors
    detail')
    dis

    dev.close() ssh_connect.disconnect()

    © Vultr 2019 LACNOC2019 - Automation - Lynch 7


    Package performance
    PyEZ netmiko (ssh)

    Predefined operational table Command-line interface

    10 routers 10 routers

    15 seconds 1 minute 38 seconds

    Output: lldp_neighbors Output: lldp_neighbors

    Dictionary Plain text

    Ready to use! More processing

    © Vultr 2019 LACNOC2019 - Automation - Lynch 8


    Automation and
    Python in use

    © Vultr 2019 LACNOC2019 - Automation - Lynch 9


    The network
    Internet
    Cloud servers, bare metal, and storage

    16 worldwide locations
    Edge Edge
    router router
    1 2
    1600 network elements in Clos topology

    Automation using puppet, python, etc.


    Distribution 1 Distribution n

    TOR 1 TOR 2 TOR 3 TOR m

    VMs VMs VMs VMs

    © Vultr 2019 LACNOC2019 - Automation - Lynch 10


    Example 1: update_bgp_peer

    bgpq3

    13 Public Peering Exchange Points


    17 Private Peering facilities
    1100 peers aprox.

    © Vultr 2019 LACNOC2019 - Automation - Lynch 11


    Example 2: interface_description

    © Vultr 2019 LACNOC2019 - Automation - Lynch 12


    Other developed scripts for BGP
    configure_customer_bgp

    remove_customer_bgp

    get_bgp_summary

    update_transit_config

    enable_sflow_everywhere

    and many more for maintenance, server activation, etc.

    © Vultr 2019 LACNOC2019 - Automation - Lynch 13


    Conclusions,
    recommendations,
    and references

    © Vultr 2019 LACNOC2019 - Automation - Lynch 14


    Conclusions
    Standardization is the most important step before automation

    Automate repetitive and boring tasks

    Peering information, standards verification, massive changes, etc.

    Use complete commands: “show running-config” instead of “sh ru”

    © Vultr 2019 LACNOC2019 - Automation - Lynch 15


    Recommendations
    Do not spend time in once in a lifetime scripts

    Use your old friends: grep, awk, etc.

    If no experience: start with non-disrupting commands

    Use vendor specific packages if possible

    Do not store passwords in scripts!

    © Vultr 2019 LACNOC2019 - Automation - Lynch 16


    References
    Network automation – juni.pr/2YVgjVj

    netmiko platforms – bit.ly/2Tf6Oeo

    PyEZ – juni.pr/2YSmf1g

    BGP summary using PyEZ – www.inetzero.com/pyez

    bgpq3 – github.com/snar/bgpq3

    Use of BGP for Routing in Large-Scale Data Centers – RFC7938

    © Vultr 2019 LACNOC2019 - Automation - Lynch 17


    Thank you!
    Tomas Lynch

    tlynch at vultr dot com

    © Vultr 2019 LACNOC2019 - Automation - Lynch


    Backup slides
    Tomas Lynch

    tlynch@vultr.com

    © Vultr 2019 LACNOC2019 - Automation - Lynch


    Automation

    © Vultr 2019 LACNOC2019 - Automation - Lynch 20


    What is network automation?
    Process of automating:

    configuration,

    management,

    testing,

    deployment, and

    operations

    Also called network programmability


    © Vultr 2019 LACNOC2019 - Automation - Lynch 21
    Automation block diagram

    Variables Script API Infrastructure

    Device
    name REST Router
    ASN XML Switch
    IP address JSON Server
    Description NETCONF Etc.
    Etc.

    © Vultr 2019 LACNOC2019 - Automation - Lynch 22


    Also monitoring?

    Variables

    Script API Infrastructure

    © Vultr 2019 LACNOC2019 - Automation - Lynch 23


    If it helps to make automated decisions

    Variables

    Script

    API Infrastructure

    Script

    © Vultr 2019 LACNOC2019 - Automation - Lynch 24


    Standardization

    © Vultr 2019 LACNOC2019 - Automation - Lynch 25


    Configuration standardization
    Automation is useless without a configuration standard or naming convention

    Automation relies on regular expressions:

    ^TRANSIT.* = all transit interfaces

    .*PRIV_PEER = all private peers

    .*(PUB|PRIV)_PEER = all peers

    router.cisco.*\.pa = Cisco routers in Panamá

    © Vultr 2019 LACNOC2019 - Automation - Lynch 26


    Software version standardization
    junos.version_info(major=(15, 1) junos.version_info(major=(18, 4)

    { {
    'community': [{ 'community': [{
    'name': { 'name': 'EXAMPLE_COMM',
    'data': 'EXAMPLE_COMM' 'members': ['65536:1']
    }, }]
    'members': [{ }
    'data': '65536:1'
    }]
    }]
    }

    © Vultr 2019 LACNOC2019 - Automation - Lynch 27


    PyEZ warning

    © Vultr 2019 LACNOC2019 - Automation - Lynch 28


    Script
    dev = Device(host=router, user=username, password=password)
    dev.open()

    cli = Config(dev, mode='private')

    command = 'set interface et-0/0/0 description "A nice description"'

    try:
    cli.load(command, format='set')
    except (ConfigLoadError, Exception) as err:
    print ("Unable to load configuration changes: {0}".format(err))

    © Vultr 2019 LACNOC2019 - Automation - Lynch 29


    Output
    Unable to load configuration changes:
    ConfigLoadError(severity: error, bad_element: interface,
    message: error: syntax error)

    © Vultr 2019 LACNOC2019 - Automation - Lynch 30


    The problem?

    set interface != set interfaces

    © Vultr 2019 LACNOC2019 - Automation - Lynch 31


    Corrected script
    dev = Device(host=router, user=username, password=password)
    dev.open()

    cli = Config(dev, mode='private')

    command = 'set interfaces et-0/0/0 description "A nice description"'

    try:
    cli.load(command, format='set')
    except (ConfigLoadError, Exception) as err:
    print ("Unable to load configuration changes: {0}".format(err))

    © Vultr 2019 LACNOC2019 - Automation - Lynch 32

    You might also like