This link has the slides that I presented as part of lightning talk at Devops Days India, 2016. In the slides, I have tried to capture how automation in networking area is evolving. I attended first day of the conference and it had a pretty decent collection of talks in Devops area.
Category Archives: devopsnet
Netconf Python ncclient
In my earlier blogs, I had covered basics of Netconf and Yang and how to use Netconf to configure Cisco devices. Recently, I came across this Python ncclient library that simplifies the configuration/monitoring of Networking devices that supports Netconf. Using ncclient library, we can programmatically configure and monitor devices using Netconf. I also found out that Cisco Openstack Neutron plugin uses ncclient library to program the Nexus switches.
I have used Cisco Nexus 3k switch and Cisco VIRL NXOS switch for the examples in this blog.
In my earlier blog on configuring Cisco Nexus devices using Netconf, I covered the following netconf requests.
- “get” request using filter to display configuration.
- “edit-config” request to change configuration.
- “exec-command” to execute raw CLI requests.
In this blog, I will cover the above same tests using Python ncclient library. Even though the examples below are tried from Python interactive shell, the same can be executed as a Python program as well.
First step is to import the ncclient library and create a connection:
Ansible for Arista EoS
This is a continuation of my previous blog on Arista Eapi. Ansible provides a recipe driven approach to manage servers/switches, I have covered Ansible in some of my previous blogs. In this blog, I will cover the following:
- Ansible modules for Arista device
- Ansible galaxy eos role for Arista device
There are 2 approaches to use Ansible with Arista device. Following picture from Arista illustrates this point:
- The first approach is called remote approach from Ansible perspective. Here the ansible python script is transferred to Arista device using ssh and the python script is executed on the Arista device which connects locally to the device using Pyeapi which in turn talks through eapi.
- The second approach is called local approach from Ansible perspective. Here the Ansible python script is run locally in the client machine which in turn talks to Pyeapi library which in turn talks to the remote device using eapi.
- Typically, network devices dont allow running scripts directly on the device. In that case, only second option would be possible. In Arista’s case, there are no restrictions like this and both the approaches can be used for Ansible based automation.
Arista Eapi and pyeapi
I had covered basics of Arista EoS and vEoS in my previous blog. Arista’s Eapi gives programmatic approach to manage Arista devices. Arista’s Pyeapi Python library is built on top of Eapi. In this blog, I will cover the following:
- Eapi
- Pyeapi library
I have used Arista vEoS for trying out all examples below without needing a physical Arista device. That shows the power of virtual device.
There is lot of similarity between Arista’s Eapi and Cisco’s NXAPI. I covered NXAPI in 1 of my earlier blogs. Arista’s Eapi is equivalent to Cisco’s NXAPI, Arista’s Pyapi library is equivalent to Cisco’s Pycsco library. Arista’s Eapi provides http/https access to the Arista router/switch through which we can send standard CLI commands and the output is received in JSON/XML formatted output. There is no need to do screen scraping with this approach, this makes it devops friendly. Arista’ Pyeapi is available as a github project.
Eapi:
To enable Eapi in Arista device, do “management api http-commands” in config prompt. Following is the output in my Arista vEoS switch:
Arista EoS and vEoS
I had heard some good things about Arista EoS(Extensible Operating System). I have never used Arista switches before. I did some reading on Arista EoS and I also tried their VEoS which is their Virtual machine offering for running Arista switch as VM. In this blog, I will share some of my experiences.
EoS Overview:
I found this block diagram in Arista White paper:
Following are the things that I liked:
Cisco NXAPI
Earlier, I had written about Cisco NXOS device configuration/monitoring using Python and OnePK. Recently, I came across NXAPI approach to configure and monitor NXOS devices. NXAPI uses either http/https to connect to NXOS devices and talk using NXOS CLI. For configuration, CLI is encoded in XML/JSON. For monitoring, CLI is encoded in XML/JSON and the results are returned in similar format that makes it easy to parse. I also saw this blog and nxos-ansible project from Jason where he has created Ansible modules using NXAPI. In this blog, I will cover NXAPI basics and my experience in trying Pycsco library and nxos-ansible modules from Jason. Thanks to Jason, he has done a nice job abstracting the NXAPI into higher level functions and Ansible modules and this can help others to build up on top of it rather than working from scratch.
Enabling NXAPI:
NXAPI is available on Nexus 3k and 9k devices. I have access to N3K device and I tried this there. To enable NXAPI, we need to execute “feature nxapi” from config prompt. NXAPI also provides a sandbox environment which can be accessed using http from the management ip address. With the sandbox environment, we can execute NXOS CLI commands and get output in JSON or XML format. Following image is a snapshot of the sandbox. Continue reading Cisco NXAPI
Ansible for Network Automation – Part 2
This blog is part of my series on Devops for Networking. In the previous blog, I covered basics of Ansible and how to get started with it. In this blog, I will cover a sample application that I wrote with Ansible. This Ansible application builds on UCS sdk utility that I covered in a previous blog. The UCS python utility displays the inventory of UCS system. I have made that utility as an Ansible module and extended the application to display the inventory of a list of UCS systems that are defined in the host list. This project is more to illustrate the usecase for Ansible.
The source code for the project can be found here. There are 3 files listed here:
getucs.yml - YAML file that defines the playbook getucsinfo - New module that is defined. This file needs to be in "usr/share/ansible" getUcsProp.py - getucsinfo module uses functions in this library. This file needs to be in PYTHONPATH.The library provides utility functions to get UCS inventory.
Ansible for Network automation – Part 1
This blog is part of my series on Devops for Networking. Ansible is a very popular Devops tool and serves similar purposes as Puppet, Chef etc. Ansible has the unique feature that there is no need to install agent on the device side and this makes it very popular for Network device configuration since Network devices are still predominantly a closed system which does not allow agent installation in the device. In this blog, I will cover how to get started with Ansible and in the next blog, I will cover a sample application that I have written.
Ansible basics:
Ansible modules can be run locally or remotely. With the local approach, the module runs locally using apis to talk to remote devices. In remote scenario ,modules are pushed to remote devices, executed as python script and results are returned. Even though there is no need to install remote agent, remote device should allow execution of Python script. Ansible can either be run in command-line for simple tasks or can be executed using a playbook.
Network device configuration using templates with Jinja2 and YAML
This blog is part of my series on Devops for Networking. Typically, Network device configurations for CLI based systems are stored as text files and when its necessary to change parameters like gateway address, vlan, ntp server etc, the script is manually edited and then reapplied to the device. This process is manual and prone to errors. In this blog, I will cover how to automate generation of configuration scripts using Jinja2 and YAML. I will also provide an sample application that I created. For more details, please refer to the references section below.
Tools overview:
Jinja2:
Jinja2 is a Python library for creating configuration based on templates. Jinja2 defines a templating language with which templates are created. The templates can be as simple as a hostname variable that needs to be updated or it can be an array of vlans that needs to be populated. Jinja2 also provides complex templates to cover different scenarios. Following is a very simple example of a template which says ntp_server is a variable that needs to be updated dynamically. We will see later how we can feed in the dynamic values to update.
ntp server {{ ntp_server }}
Continue reading Network device configuration using templates with Jinja2 and YAML
Cisco device configuration using Netconf
This blog is part of my series on Devops for Networking. In this blog, I will cover how to configure and monitor Cisco NXOS devices using Netconf. In 1 of my earlier blogs, I have provided basics of Netconf and Yang.
I have used Nexus 3k switch for my experiments below.
Netconf has the following layers:
- Transport protocol is sshv2.
- rpc request section contains namespace related details.
- Operations section could be different operations like edit-config, get-config, commit, lock etc.
- Content section contains the actual device operation in XML format. The schema for the content can either be specified in XSD format or using Yang. Cisco NXOS devices support XSD format and I will use it in this blog.
Sreenivas Makam's Blog 